40eabf083a4823d9ec86ec38e0cf99a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40eabf083a4823d9ec86ec38e0cf99a9_JaffaCakes118
Size

256KB
MD5

40eabf083a4823d9ec86ec38e0cf99a9
SHA1

6f62fd5fa94c2100eb1a71711d3849147d3a1c1e
SHA256

d41880db1409b76331f59d5bf6ec1b13646e0304b1ff5603f2bcd4e25db1a32c
SHA512

8657c9c96bf181d028a6b3e44ef086fbf7e3c9135d0ac42a4f05f76eadc4dfb3dca49f9a987a00b0307285165f0be64b073d8c4177c4197507d812b91f31e926
SSDEEP

6144:S6mSKcsr4sbMi9mw6WwxD6tblGn5gL/JUrP6BKvhnHLX/NS:SkKcsr4sAi9mUwxKblGn4/JiVvxrVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40eabf083a4823d9ec86ec38e0cf99a9_JaffaCakes118

Files

40eabf083a4823d9ec86ec38e0cf99a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56fb622be0ff8b0c6fdf58cc584960e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleMenuClose
CreateFileA
WritePrivateProfileSectionA
GetConsoleAliasExesW
PulseEvent
FindFirstFileExA
Sleep
lstrcpynA
RaiseException
IsValidLocale
GetDiskFreeSpaceExA
Thread32Next
GetFileAttributesExA
GetVDMCurrentDirectories
GetProcessHandleCount
GlobalWire
MulDiv
lstrlen
SetConsoleTextAttribute
LocalSize
lstrlenA
InterlockedDecrement
GetCurrentDirectoryA
FreeResource
GetDriveTypeA
QueryPerformanceCounter
GetThreadPriorityBoost
lstrlenA
VirtualAlloc
EscapeCommFunction
HeapCompact

gdi32

SetViewportOrgEx

shell32

SHGetSpecialFolderPathA

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 244KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ