40e0eed651df316ac5d2fd3c565460d2_JaffaCakes118 | Triage

Sharing

General

Target

40e0eed651df316ac5d2fd3c565460d2_JaffaCakes118
Size

97KB
MD5

40e0eed651df316ac5d2fd3c565460d2
SHA1

9b2e26f6fe15a9fa46493efe044550b3b6e2332a
SHA256

cf100ec6d3d32bcd1c7487bdc0159391679821860fcc0bc278c976b8f9539213
SHA512

5119682c42a7f7f2c72dd6a1c601e82aeb4494e2675560896c91c211780c5f9e058e90790ac8fe006d772d46e91ec22478e770f11164b8fc2af50ea75d232ebe
SSDEEP

768:2sEWJ9au6AwSV69+nK1qixoe+9PvkQJ8nnPpwr3jymQSUxD:2waUhHKEiyeYvHJ8BwruP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e0eed651df316ac5d2fd3c565460d2_JaffaCakes118

Files

40e0eed651df316ac5d2fd3c565460d2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

773668b29ad23510ebea9807055a03c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
ExitProcess
GetCPInfo
GetCommandLineA
GetPriorityClass
DeleteFileW
ReadFile
ExitThread
GetLastError
CopyFileExA
FreeResource
WriteFile
lstrlenA
GlobalFree
CopyFileA
FormatMessageA
HeapAlloc
OpenFileMappingA
GetStdHandle
OpenFile
lstrcatA
lstrcmpA
GetLocalTime

advapi32

RegGetKeySecurity
RegEnumKeyW
RegCreateKeyW
RegCreateKeyA
RegLoadKeyW
RegDeleteValueA
RegCreateKeyA

user32

CopyImage
CreateIcon
AlignRects
GetScrollPos
GetDC
GetWindowTextA

Sections

.99c8
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.6621g
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0gg9
Size: 59KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8b0g8
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ