40e39a3269091849c533294b042c334a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40e39a3269091849c533294b042c334a_JaffaCakes118
Size

749KB
MD5

40e39a3269091849c533294b042c334a
SHA1

0af68adf615e74135e57737c3362375065570e87
SHA256

dd0b813635da248c3846efc0c0a9b5b0d115c8c79fceeab3da0683f6dc7ab7b5
SHA512

c7997e8099b17c9b88e3ae791b8c37523e31f42798ab048f6047ed73c65ab2c44ee821fd132ffa7052b87324b67a2bc261879b0b52e6343ab84d884728bf5b74
SSDEEP

12288:550Iii59Gwo+FcDkz40vFq1lZl1Kqk0EypecsBpR5lIQSSnOQLnPFt3gqOyRK:U4rj4YFelNKqk0EyocYQQSG5nXfV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e39a3269091849c533294b042c334a_JaffaCakes118

Files

40e39a3269091849c533294b042c334a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f5007d9e97e4c34af94bc5ed9b6a238

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
SetEvent
HeapFree
VirtualProtectEx
FindClose
ResetEvent
SetVolumeLabelA
GetCommandLineA
GetDriveTypeW
GetSystemTime
IsBadWritePtr
FindClose
RemoveDirectoryA
GetModuleHandleA
ResumeThread
GetFileType
WriteFile
WriteConsoleA
GetVersion
FindAtomA
ExitThread
CreateDirectoryA
CreatePipe
CreateSemaphoreW
SetStdHandle

uxtheme

GetThemeTextMetrics
CloseThemeData
DrawThemeBackground
GetWindowTheme
CloseThemeData
GetThemeBool
DrawThemeEdge
GetThemeTextExtent
IsThemeActive
SetWindowTheme
GetThemeColor
OpenThemeData
GetThemeSysSize

pstorsvc

Start
Start
Start
Start

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ