40e10d8e9f883d9a2648e675798ad43c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40e10d8e9f883d9a2648e675798ad43c_JaffaCakes118
Size

170KB
MD5

40e10d8e9f883d9a2648e675798ad43c
SHA1

2a70273466fa78f74c2cfdb6c08d5a0c633bcaff
SHA256

6a39452fbf076bb0aac30ddcf5c38b330b98de667b1a7916264cb233fadff44d
SHA512

fb3bb96d2f02bb9b97771a1a2939f160ed7fe564b29843b3619052e2595bc29860f39e61b1be49869d87f0d500212ae877a568d5753a9a35d021585d51ed18b1
SSDEEP

3072:j3D6V2WogSAWBUW5/CQnXEGUV2wCYgFR49H6igY/ks9ln5I8S8Hp:jD6V2lgSLqgCQnhZw7kR49H6igE5IA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e10d8e9f883d9a2648e675798ad43c_JaffaCakes118

Files

40e10d8e9f883d9a2648e675798ad43c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d979eebdccd1d6df5032823438f1530

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
lstrlenA
GetTickCount
SizeofResource
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
LoadResource
FindResourceA
ReadFile
SetFilePointer
GetModuleHandleA
lstrcatA
lstrcpyA
CreateDirectoryA
SetUnhandledExceptionFilter
ReleaseMutex
GetLastError
CreateMutexA
GetCommandLineA
Sleep
CreateThread
SetProcessShutdownParameters
FreeLibrary
GetProcAddress
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc
GetStartupInfoA

msvcrt

strstr
strchr
realloc
malloc
_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strlen
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
_strnset

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ