40b40f201022acc4fdc5a209fe264d6c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40b40f201022acc4fdc5a209fe264d6c_JaffaCakes118
Size

51KB
MD5

40b40f201022acc4fdc5a209fe264d6c
SHA1

e53a38baa75844d560527bfb86f4917db016ea4a
SHA256

cf18e734153451acc8009b838e72ec337581c478fa1f8298c0bb9b4c77ab5471
SHA512

d7e65bf7b1dd8611bcc34e1fa52bdccc45db5f99966c08f7ef08c896d8121f9c19cf7740d51721d55c2e30f9af49bee228d487361d49bfe3b7ee770d864612eb
SSDEEP

1536:Yc7TzuyAWKxK4inAdlhWImj/x0nPh127i:Yopj+K4in4lhWIGpAo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40b40f201022acc4fdc5a209fe264d6c_JaffaCakes118

Files

40b40f201022acc4fdc5a209fe264d6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f5dac69c9f17d3a0ae09d814feaa899

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
ExitProcess
FileTimeToSystemTime
FindResourceA
FreeEnvironmentStringsW
GetACP
GetCommandLineA
GetEnvironmentStringsA
GetFileTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
ReadFile
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetLastError
SetUnhandledExceptionFilter
VirtualFree

msvcrt

fwprintf
_except_handler3
free
exit
wcslen

user32

TrackPopupMenu
MsgWaitForMultipleObjects
GetWindowRect
DrawMenuBar
ClientToScreen
BeginDeferWindowPos
SetPropA

oleaut32

RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayCreate
OleLoadPicturePath

shlwapi

StrStrW
SHRegGetPathA

Exports

Exports

FindFirstCaptureDevice
GetNextReadyBuffer
PutBufferIntoStream

Sections

.text
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ