40648f3859d467a3b20c751f11d3cc3e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40648f3859d467a3b20c751f11d3cc3e_JaffaCakes118
Size

122KB
MD5

40648f3859d467a3b20c751f11d3cc3e
SHA1

43ab4092275caba5ebe638663438c27b1fa7cec8
SHA256

bcb82d23778cf93f8c954d54a1973cf1d909e411666ba1f4460f2e4360d95243
SHA512

ecf9e6cfd183d698728913c4f7820a457c3e4b5de9183a577a073cb9cf1c1516466bb80d1e262e282c8ab8b8bb5e2be73882630082ed7eb7fc38b00325bc222e
SSDEEP

3072:yF6L+KmIVZj0ko4zfz9WytZU+dA8jDdRodiShm3AU:tLqIVekjzfA/y/RodG3n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40648f3859d467a3b20c751f11d3cc3e_JaffaCakes118

Files

40648f3859d467a3b20c751f11d3cc3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

894c32d9d375f05a9ba75d1db7f032b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetCurrentThread
LoadLibraryA
LocalAlloc
GetFileType
LocalFree
GetCurrentDirectoryA
CompareStringA
CloseHandle
GetVersion
GetModuleHandleA
GetProcAddress

user32

EndPaint
CharNextA
GetFocus
GetKeyState
DispatchMessageA
TranslateMessage
BeginPaint
GetMessageA

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ