40c2b2056ba60b4cfc18302c65c21cea_JaffaCakes118 | Triage

Sharing

General

Target

40c2b2056ba60b4cfc18302c65c21cea_JaffaCakes118
Size

177KB
MD5

40c2b2056ba60b4cfc18302c65c21cea
SHA1

7509dd138fee3260904ab4e2c0d87fda3dcbd453
SHA256

aa0afe12b901bd1505ec060a90e18a3ee4e500db32adea6c08ff481e0ad45f81
SHA512

256c58f368c3ebb917d3a8804c81f3480a7ca268b54e63983be2e8097b28d242de837781f1910b37b766106ed6eb08f2e32ec3e005d1c8043173b93084094492
SSDEEP

3072:jLvMI//BH7+q/tPdu2WhOIHbXroa0IqNJwBPigR2GeDQgK3F1Tvk0nKxW4a/:Xv/Hh+q1FApbrL03Paqy9hsWKxW//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40c2b2056ba60b4cfc18302c65c21cea_JaffaCakes118

Files

40c2b2056ba60b4cfc18302c65c21cea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f004da102eb82f96b10810178eb7eb05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
GetCPInfoExA
Sleep
GetLastError
RaiseException
WriteConsoleA
SetStdHandle
GetLocaleInfoW
EnumResourceNamesA
LeaveCriticalSection
InterlockedIncrement
CreateFileA
GetVersionExA
EnumSystemLocalesA
IsValidLocale
HeapSize
RaiseException
GetUserDefaultLCID
RtlUnwind
InterlockedDecrement
GetConsoleOutputCP
IsValidCodePage
DeleteCriticalSection
WriteConsoleW

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ