40ae88a62c82c3c83e474d043c2080ee_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

40ae88a62c82c3c83e474d043c2080ee_JaffaCakes118
Size

190KB
MD5

40ae88a62c82c3c83e474d043c2080ee
SHA1

81b7d2407c96824e2ee5cc683e62caef76dd2437
SHA256

ef31a140496f2d1dfe981e10da8f42d40f10858e416c3b5a693c8f9e6eec6ad5
SHA512

9df4a024e33b1875d0f59fefe4c0fc6e99d6bb9e800c1117599927c7c4a3ba280e24b3512487f714ab8c09ed985c5fdc95564e37d7c4be511a74fbb7c41d76be
SSDEEP

3072:DUdB8d1ppSnDkMFVlc+iVc8RTzYJAp9WTE8f5iWWH9a+0fNpf7faP8S8a:DUv61oV1ccJNTDYH9R8pf7y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40ae88a62c82c3c83e474d043c2080ee_JaffaCakes118

Files

40ae88a62c82c3c83e474d043c2080ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78ec899840a716c467a0001e821e45e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MapWindowPoints
CharNextA
UnhookWindowsHookEx
MessageBoxA
DrawAnimatedRects
GetFocus
EnumWindows
DestroyIcon
ShowWindow
SetRect
SetPropA
EmptyClipboard

kernel32

LocalAlloc
GetModuleHandleA
GetCurrentThreadId
GetCurrentThread
ExitProcess
SetEvent
ReadFile
GetLastError
LoadLibraryA
GetProcessHeap
GetACP
WaitForSingleObject
GetStdHandle
GlobalAlloc
SetLastError
WriteFile
GetModuleFileNameA
FindFirstFileA
Sleep
DeleteCriticalSection
VirtualAllocEx
ExitThread
MulDiv
HeapAlloc
GlobalAddAtomA
FreeResource
GetDateFormatA
SetFilePointer
GetVersionExA
GetFileType
MoveFileExA
SetHandleCount
GetCommandLineA
VirtualQuery
GetEnvironmentStrings
CloseHandle
GlobalDeleteAtom
GetUserDefaultLCID
GetLocaleInfoA
GetCurrentProcessId
FormatMessageA
ResetEvent
RaiseException
GetOEMCP
GetVersion
GetFileSize
FindClose
GetStringTypeA
GetProcAddress
SetEndOfFile
lstrcmpiA
GlobalFindAtomA
CreateFileA
lstrcatA
LoadLibraryExA
DeleteFileA
SetErrorMode
GetSystemDefaultLangID

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 1024B - Virtual size: 671B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78ec899840a716c467a0001e821e45e2

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 132KB - Virtual size: 131KB

.rdata Size: 3KB - Virtual size: 87KB

.idata Size: 512B - Virtual size: 366B

.gdata Size: 1024B - Virtual size: 671B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 132KB - Virtual size: 131KB

.rdata
Size: 3KB - Virtual size: 87KB

.idata
Size: 512B - Virtual size: 366B

.gdata
Size: 1024B - Virtual size: 671B

.rsrc
Size: 10KB - Virtual size: 10KB