40f0672c3a394756e137418ba07a12bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40f0672c3a394756e137418ba07a12bd_JaffaCakes118
Size

126KB
MD5

40f0672c3a394756e137418ba07a12bd
SHA1

5346fd6888f35e8fbfa0abcc9de554549db1b15b
SHA256

ba1ba74ff6d7feaf107f2018fb7e2d3da3a829af05ef991819fc29fab30dcc59
SHA512

417dd72a12ce96dad79949a41a79f327c40ec54c4be8faea5ace2972e1ca57036cf498c50ed88ef231ae800566538bc5d7533e7ad18ae10763013161a1dc6ed3
SSDEEP

3072:KvfVh2/6dny/A3nf1yLTY91oi21EtW9PW/0Iol372M0Ad:Klh2daPxcgU3arA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40f0672c3a394756e137418ba07a12bd_JaffaCakes118

Files

40f0672c3a394756e137418ba07a12bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5ae2016ff88b7e377e64a212b8fa545

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
GetProfileStringA
GetProcAddress
GetFileSize
ReleaseSemaphore
HeapFree
VirtualAllocEx
BeginUpdateResourceA
GetConsoleCP
CreateFileA
GetPrivateProfileStructA
GetProcessAffinityMask
FindFirstChangeNotificationA
CopyFileExA
GetThreadContext
GetModuleHandleA
GetThreadPriorityBoost
PurgeComm
GlobalWire
DuplicateHandle
SearchPathA
GetTickCount
GetCPInfoExA
ClearCommBreak
GlobalHandle
LocalReAlloc
RemoveDirectoryA
CopyFileA
GetProcessHeap
GetPrivateProfileStringA
DeleteAtom
GetLastError
GetStdHandle
ContinueDebugEvent
QueueUserAPC
GetFileTime
LockFile
MoveFileA
CreateDirectoryA
LockResource
FormatMessageA
FlushInstructionCache
IsBadCodePtr
GetConsoleOutputCP
LocalAlloc
GetCommandLineA
GetLocalTime
QueryPerformanceCounter
DisconnectNamedPipe
UnmapViewOfFile
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
LocalCompact
Beep
FoldStringA
DeviceIoControl
GetNamedPipeHandleStateA
IsProcessorFeaturePresent
FlushViewOfFile
LocalLock
FlushConsoleInputBuffer
MulDiv
GetShortPathNameA
GetPrivateProfileSectionA
LocalHandle
GetCommMask
UpdateResourceA
GlobalFlags
GetWindowsDirectoryA
GetProcessWorkingSetSize
HeapValidate
CreateRemoteThread
CreateFileMappingA
GetBinaryTypeA
SetLastError
GetUserDefaultUILanguage
SleepEx
WritePrivateProfileStructA
GetACP
LocalUnlock
GetExitCodeThread
FindClose
GetDiskFreeSpaceA
GlobalAddAtomA
GlobalSize
GlobalFree
GetThreadTimes
FreeResource
CloseHandle
PulseEvent
IsValidCodePage
LoadLibraryA
OpenMutexA
OpenProcess
WaitForMultipleObjectsEx
GetSystemDefaultLangID
CancelWaitableTimer
LoadResource
GetDriveTypeA
ReadConsoleA
GetProcessHeaps
OpenEventA
GetUserDefaultLangID
CommConfigDialogA
PeekNamedPipe
GetCPInfo
GetLogicalDrives
VirtualQuery
CreateDirectoryExA
GetThreadSelectorEntry
GetSystemDirectoryA
CallNamedPipeA
SignalObjectAndWait
FindResourceA
Sleep
AddAtomA
QueryDosDeviceA
DeleteFiber
GetThreadPriority
EndUpdateResourceA
FlushFileBuffers
AreFileApisANSI
ResetEvent
CreateEventA
GlobalFix
GlobalUnfix
GlobalUnlock
LocalFlags
FreeLibrary
AllocConsole
SetFileTime
OutputDebugStringA
WaitNamedPipeA
VirtualFreeEx
GetProfileSectionA
HeapDestroy
VirtualLock
SizeofResource
GlobalCompact
GetStartupInfoA

msvcrt

srand
rand
__set_app_type
_controlfp
exit
strstr

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5ae2016ff88b7e377e64a212b8fa545

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 110KB - Virtual size: 110KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 110KB - Virtual size: 110KB