40b62c763a65e79be906aa226f033c50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40b62c763a65e79be906aa226f033c50_JaffaCakes118
Size

46KB
MD5

40b62c763a65e79be906aa226f033c50
SHA1

a5d73ba60eaa11b71e4d693d20548896c7dd4fc5
SHA256

7f2277cce7f303d10de344abb9c43eb21fca8d034733310f2ee14337f942fe3c
SHA512

8b79d26f5c365148940584091a17a6a9a3b2bd56d71004a6feeab4b037f7ebda968a395dbc228f3129450c215bf2effc7830e8d1abf3cde602bf7e41221508fa
SSDEEP

768:i/AceC5vJm/Nera+t3OFS/ZD05I0HxWAOKgk63V5Is:iKiUeragSF50AOKqb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40b62c763a65e79be906aa226f033c50_JaffaCakes118

Files

40b62c763a65e79be906aa226f033c50_JaffaCakes118
.dll windows:5 windows x86 arch:x86

48221d3fff7c6fddac14ede36dd1ff32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
CreateMutexA
GetVersionExA
LoadLibraryA
QueryPerformanceCounter
ReleaseMutex
SetErrorMode
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObject
lstrcpynA
lstrlenA
lstrlenW
VirtualAllocEx
GetTickCount
CloseHandle

user32

GetWindowThreadProcessId
LoadIconA
LoadCursorW
SetForegroundWindow
SendMessageTimeoutA
LoadStringA
MessageBoxA

advapi32

RegOpenKeyExA

shlwapi

StrCmpIW
SHSetValueA
SHGetValueA
PathRemoveFileSpecA
StrStrIA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ