40aba624cfc78ad0ad75e0a322cd4306_JaffaCakes118

General

Target

40aba624cfc78ad0ad75e0a322cd4306_JaffaCakes118
Size

203KB
MD5

40aba624cfc78ad0ad75e0a322cd4306
SHA1

15cacf99eb58c44d8ec90667cf08e7b32f1efd1f
SHA256

1321325579b9de13efb34aaa3787fd64fedf8d20d80cfc2dd917956c5fa3d024
SHA512

8dd88dd40d74303ffce2fc7d327d6538d6f9767ddd692d83e5838b5703e7037e164ddf00d1ec8c8d6f60e5b17e039e3412eae958e2ce88b4c2743b620513ba2e
SSDEEP

3072:bCoDIzk4pEZyPEpSDMP+1yten/wpKvasLGagZiXnVVmMD4qFf6sm6TAn956DB4:Ez9pE69IMaWGaJj4qV6smuAn76l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40aba624cfc78ad0ad75e0a322cd4306_JaffaCakes118

Files

40aba624cfc78ad0ad75e0a322cd4306_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6971116bf150126853fe38bbf8ce7bf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
SetHandleCount
SetUnhandledExceptionFilter
GetTickCount
FreeEnvironmentStringsA
GetModuleHandleW
FormatMessageW
GetFileAttributesW
GetLastError
HeapFree
lstrcmpiA
SetFilePointer
InitializeCriticalSection
EnterCriticalSection
GetCommandLineA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetExitCodeThread
LocalFree
LeaveCriticalSection
lstrcpynW
DeleteFileA
GetVersionExA
GlobalAlloc
GetDateFormatA
FindResourceW
CreateDirectoryA
GetStartupInfoA
UnhandledExceptionFilter
FreeLibrary
InterlockedExchange
Sleep
GlobalLock
lstrcpyW
GlobalSize
VirtualAlloc
SizeofResource
LoadLibraryW
GetACP
GetLocaleInfoW
WriteFile
lstrcmpiW
CloseHandle
MultiByteToWideChar
DeleteFileW

user32

DefWindowProcW
IsIconic
SetWindowLongW
LoadCursorA
GetMessageW
SetWindowTextW
LoadStringW
ClientToScreen
GetWindow
TranslateMessage
SetRect
UnregisterClassA
EndDialog
MessageBoxW
GetDC

gdi32

SetWindowOrgEx
SaveDC

msvcrt

iswspace
_wcsicmp
exit
_amsg_exit
_initterm
_wcsnicmp
??2@YAPAXI@Z
malloc

opengl32

glPushMatrix

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6971116bf150126853fe38bbf8ce7bf0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

opengl32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 6KB - Virtual size: 282KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 6KB - Virtual size: 282KB

.rsrc
Size: 2KB - Virtual size: 2KB