40e768533b9867696d5d7c51ff3470bc_JaffaCakes118

General

Target

40e768533b9867696d5d7c51ff3470bc_JaffaCakes118
Size

188KB
MD5

40e768533b9867696d5d7c51ff3470bc
SHA1

9955f449d42b0f7f78c34041f161341d83cebe4c
SHA256

57a76bdd609c14dc38b6a2835940abd032a1761eef906c59122d7b1599c51a1b
SHA512

aabbcc792533b2d45a1d88132cacd75ff34d88dde7dfd31c7d329de75265904faf9b6f9326bea0952c4de368140147847b148abda7a21d744dafc23f461a08ca
SSDEEP

3072:PGI75VuAxZyafkiR+areuZrjHY7c6wk83hqIf+6qUpxq:775VueXD+EZOFwH3hR269pI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e768533b9867696d5d7c51ff3470bc_JaffaCakes118

Files

40e768533b9867696d5d7c51ff3470bc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c33a6628b9fa69ab9ef4f619805a9d71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
FindResourceA
FlushFileBuffers
InitializeCriticalSection
GetStringTypeA
SetHandleCount
CreateEventA
HeapFree
TlsAlloc
GetCurrentThread
GlobalReAlloc
GetProcessHeap
GetThreadContext
OpenProcess
ExpandEnvironmentStringsA
GetModuleHandleA
WideCharToMultiByte
ReadProcessMemory
IsBadStringPtrA
SetLastError
CreateFileMappingA
GetStartupInfoA
GetFileAttributesA

msvcrt

isgraph
_except_handler3
_ismbbalpha
printf
exit
__set_app_type
_mbsbtype
_vsnprintf
fputc
strspn
towupper
_exit
_wcsrev
__setusermatherr
_controlfp
_umask
_longjmpex
wcsftime
_mbctolower
_wstrtime
fclose
isleadbyte
__getmainargs
_mbsnbcmp
_initterm
_acmdln
memcpy
_copysign
_chmod
_ismbcsymbol
_fileinfo
_mbsicoll
exp
_inpd
_adjust_fdiv
fmod
__p__fmode
_XcptFilter
_wcslwr
_wchdir
__p__commode
_mbctohira
_heapmin
_inpw

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c33a6628b9fa69ab9ef4f619805a9d71

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 177KB - Virtual size: 177KB

.data Size: 512B - Virtual size: 92KB

.rsrc Size: 512B - Virtual size: 4B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 177KB - Virtual size: 177KB

.data
Size: 512B - Virtual size: 92KB

.rsrc
Size: 512B - Virtual size: 4B