40975b1f56bc85c71136184e338f1c44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40975b1f56bc85c71136184e338f1c44_JaffaCakes118
Size

94KB
MD5

40975b1f56bc85c71136184e338f1c44
SHA1

27f3ca70ffe6ab8d654de4915384193df60a4d9e
SHA256

ad6c2221ad07c44f2a5150a24cfc67f97c386f11a92750194eed66fc0ea005bb
SHA512

52873d83554a89a93666c8970af0145161fcdda1bcab65e095c03e697671d25c126d70fda82407117cd7e5d60eeb80f6b52366631a6267dd99919028ec21ff6e
SSDEEP

1536:oHNgNeDSQ4gvveMN+7SzmUtqgeSSXSQ1R7cDFqutj+0iF+TOmgK0f20gTMpszQx:t4DSQXvy7SzmU3GiYKFqS9qmOmW20ULK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40975b1f56bc85c71136184e338f1c44_JaffaCakes118

Files

40975b1f56bc85c71136184e338f1c44_JaffaCakes118
.exe windows:5 windows x86 arch:x86

89579ac1520b195f224038947a0a12dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
QueryPerformanceCounter
GetCurrentDirectoryA
lstrcpyA
GetSystemTimeAsFileTime
CreateProcessA
GetSystemDirectoryA
SetFileTime
IsDBCSLeadByte
CreateFileA
FindClose
GetShortPathNameA
FindResourceA
GetCurrentProcess
lstrlenA
GetCurrentProcessId
FreeResource
SetConsoleTitleA
CloseHandle
GetProcAddress
CreateThread
GetModuleHandleA
GetSystemInfo
GetWindowsDirectoryA
WriteFile
GetLastError
GetDriveTypeA
RemoveDirectoryA
GetTickCount
FindFirstFileA
LocalFree
CreateMutexA
SetFileAttributesA
GetTempPathA
SizeofResource
TerminateProcess
SetFilePointer
GlobalUnlock
LoadResource
CreateDirectoryA
MulDiv
ExitProcess
WaitForSingleObject
ResetEvent
GlobalLock
FormatMessageA
GetVersionExA
lstrcpynA
FlushFileBuffers
GetModuleFileNameA
TerminateThread
SetEvent
LocalFileTimeToFileTime
GetFileAttributesA
FindNextFileA
GetExitCodeProcess
DeleteFileA
GetDiskFreeSpaceA
ReadFile
GlobalAlloc
LockResource
LoadLibraryExA
GetCPInfoExA
lstrcmpiA
GetVolumeInformationA
GetCurrentThreadId
GetTempFileNameA
GetPrivateProfileIntA
lstrcmpA
LocalAlloc
LoadLibraryA
DosDateTimeToFileTime
GlobalFree
FreeLibrary
CreateEventA
lstrcatA
SetCurrentDirectoryA
GetCommandLineA

shell32

Shell_NotifyIconA

advapi32

RegisterEventSourceA
DeregisterEventSource
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

ole32

CoUninitialize
CoInitialize
CoCreateInstance
GetRunningObjectTable
CoTaskMemFree
CreateItemMoniker

oleaut32

GetActiveObject
DllUnregisterServer
RegisterActiveObject

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 133KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89579ac1520b195f224038947a0a12dd

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

ole32

oleaut32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 133KB - Virtual size: 147KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 133KB - Virtual size: 147KB