30a7501bb0a2a09cb64e300c55261a53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30a7501bb0a2a09cb64e300c55261a53_JaffaCakes118
Size

276KB
MD5

30a7501bb0a2a09cb64e300c55261a53
SHA1

44a87ce68ec495770bc6ab5d032659a99ecfd8fa
SHA256

0cc2061a7252be6ca7af0ee7050d92d41348aa634b59895ec70c6e5d6ba37cb2
SHA512

5ff4dc398c66d173ee33633bf98fd169d0fda3ecb11f6fa1049ca4c4777f4ee13daee4a924b6d55e0d881b5f36f718f009e5a7431057ceaaeb41bf8d682e7d57
SSDEEP

6144:3jyuZNHxc5yf5h5YT6TjLHL8nAzmk5ARNR7EHKGrhdWEeHlpjA:zyMRc5C5h5YWTjLr8n8mk5m7EP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30a7501bb0a2a09cb64e300c55261a53_JaffaCakes118

Files

30a7501bb0a2a09cb64e300c55261a53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b62af85f494686a30c1d46aa377eb41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
CreateProcessA
GetCommandLineA
_lclose
_lread
_lopen
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
ExitProcess
GetProcAddress
LoadLibraryA
GetTickCount
VirtualAllocEx
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
RaiseException
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
GetStartupInfoA
GetCPInfo
HeapAlloc
LCMapStringA
GetLastError
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapReAlloc
CloseHandle
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
TerminateProcess
GetFileAttributesW
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
VirtualQuery
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
VirtualProtect
GetSystemInfo
SetStdHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
CreateFileA
GetOEMCP
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
CompareStringA
SetEndOfFile

user32

DestroyMenu

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b62af85f494686a30c1d46aa377eb41

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 132KB - Virtual size: 178KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 132KB - Virtual size: 178KB

.rsrc
Size: 4KB - Virtual size: 16B