40988c3bd0dc52001c6c45745ab763f0_JaffaCakes118

General

Target

40988c3bd0dc52001c6c45745ab763f0_JaffaCakes118
Size

136KB
MD5

40988c3bd0dc52001c6c45745ab763f0
SHA1

b0bc1d936fea247098c48e5fe97cb2d87ce9d379
SHA256

6c118962bd51acc5035d5aaaf6500affe52ce63e8e74b396adde4fb85e1dbc8a
SHA512

05ca016e77e1703ccf7c5e6988ab2950711edf2fcfbdc6dae8a130905a1ef50461eefc192c3fff72be749358c4a08112a5dede55cbcf052d42661a1420d23365
SSDEEP

96:M8kUQnLUakUQnLU4DKMR1tM6PlD31It4GIXH:M8kUQgakUQg41/hFIypXH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40988c3bd0dc52001c6c45745ab763f0_JaffaCakes118

Files

40988c3bd0dc52001c6c45745ab763f0_JaffaCakes118
.exe windows:0 windows x86 arch:x86

193a97059f5dbe2a295bed1bb18140d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
BaseInitAppcompatCache
ClearCommError
CopyLZFile
CreateActCtxA
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingA
CreateJobSet
CreateVirtualBuffer
DeactivateActCtx
DebugActiveProcess
DebugSetProcessKillOnExit
DecodeSystemPointer
DefineDosDeviceA
DeleteTimerQueueTimer
EncodeSystemPointer
EnumCalendarInfoA
EnumCalendarInfoW
EnumResourceNamesA
EnumUILanguagesA
EnumerateLocalComputerNamesA
FatalAppExitW
FindAtomW
FindFirstVolumeMountPointA
FlushFileBuffers
FormatMessageA
FreeLibrary
GenerateConsoleCtrlEvent
GetBinaryTypeA
GetCalendarInfoW
GetComputerNameA
GetComputerNameExA
GetConsoleAliasExesW
GetConsoleAliasW
GetConsoleMode
GetConsoleScreenBufferInfo
GetConsoleTitleA
GetDefaultSortkeySize
GetDiskFreeSpaceA
GetDllDirectoryA
GetExpandedNameW
GetFileSizeEx
GetFileType
GetFirmwareEnvironmentVariableW
GetFullPathNameW
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExW
GetNumaAvailableMemory
GetNumaAvailableMemoryNode
GetNumaHighestNodeNumber
GetNumaProcessorNode
GetNumberFormatA
GetPrivateProfileSectionW
GetPrivateProfileStructA
GetProcAddress
GetProcessHandleCount
GetProfileSectionA
GetStartupInfoA
GetSystemDefaultUILanguage
GetSystemWindowsDirectoryA
GetTapeStatus
GetThreadIOPendingFlag
GetUserDefaultLCID
GetVersionExA
GetVolumeNameForVolumeMountPointW
GetWindowsDirectoryA
GlobalCompact
GlobalFindAtomW
GlobalFree
GlobalGetAtomNameW
GlobalLock
GlobalMemoryStatusEx
Heap32First
Heap32Next
HeapDestroy
HeapLock
HeapUsage
InterlockedCompareExchange
InterlockedExchangeAdd
InterlockedIncrement
InterlockedPushEntrySList
IsBadHugeWritePtr
IsDBCSLeadByteEx
IsDebuggerPresent
LZCopy
LZOpenFileW
LZRead
LoadLibraryA
MapViewOfFileEx
NlsGetCacheUpdateCount
NlsResetProcessLocale
OpenJobObjectA
OpenSemaphoreA
OpenSemaphoreW
OutputDebugStringA
PrivCopyFileExW
Process32First
ProcessIdToSessionId
ReadConsoleInputExA
ReadDirectoryChangesW
RegisterConsoleIME
RegisterWowBaseHandlers
ReleaseSemaphore
RemoveVectoredExceptionHandler
RequestWakeupLatency
RtlCaptureContext
SetComPlusPackageInstallStatus
SetCommConfig
SetCommMask
SetCommState
SetConsoleCommandHistoryMode
SetConsoleCursorInfo
SetConsoleInputExeNameA
SetConsoleTextAttribute
SetDefaultCommConfigW
SetDllDirectoryW
SetFileValidData
SetInformationJobObject
SetNamedPipeHandleState
SetProcessWorkingSetSize
SetSystemPowerState
SetVDMCurrentDirectories
SetVolumeMountPointA
SwitchToFiber
TlsFree
Toolhelp32ReadProcessMemory
TzSpecificLocalTimeToSystemTime
VerSetConditionMask
VerifyConsoleIoHandle
VirtualFreeEx
VirtualQuery
WriteConsoleA
WriteConsoleInputVDMA
_lclose
lstrcmp
lstrcmpA
lstrcmpi
lstrcpynA

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

193a97059f5dbe2a295bed1bb18140d1

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB