Sample: 40cab29b5d10012e09d00c672864fef5_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 40cab29b5d10012e09d00c672864fef5_JaffaCakes118
Size: 276KB
MD5: 40cab29b5d10012e09d00c672864fef5
SHA1: 9fbc797be5df6e466a4cfced830f6a5e19e5a5d9
SHA256: 4c0afac51ea5498d6dc2ea51bbcb1276971aec5cb31570257e7300c0da4f30bb
SHA512: 26120867575ba8d5a54a0365fedd3ea9643eeaad30fd610e6f08b3e330de12b4e7197ec56d20389112ce7dc913f9bfa2e3f3231e07c67c5443655f54a1616966
SSDEEP: 6144:nzUzAbNEefzt/1JHkRKqjPsuthl424jwmiWVzRPVikjNrfdK3FkK:nzREebt0Rnjc248cVzRPVxtf6OK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 40cab29b5d10012e09d00c672864fef5_JaffaCakes118
Files
40cab29b5d10012e09d00c672864fef5_JaffaCakes118.exe windows:4 windows x86 arch:x86
88fdffe636f320d0f9f6bee33b0e475f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringA
GetCPInfo
HeapAlloc
LoadLibraryA
RtlUnwind
WriteFile
IsDebuggerPresent
GetOEMCP
GetCurrentProcess
EnumResourceTypesA
InterlockedExchange
GetACP
GetStringTypeA
FindFirstFileExW
GetStringTypeW
SetUnhandledExceptionFilter
VirtualAlloc
LCMapStringW
GetLocaleInfoA
oleacc
GetOleaccVersionInfo
AccessibleObjectFromEvent
msimg32
TransparentBlt
Sections
.text Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ