30393f3cbd48b3794d2489b4f33bf2fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30393f3cbd48b3794d2489b4f33bf2fe_JaffaCakes118
Size

126KB
MD5

30393f3cbd48b3794d2489b4f33bf2fe
SHA1

243f51739d550643ca7d404dffbc7093e3d793cf
SHA256

c7ca63d30efb26131784f1a1dbf590585666a2eb38413de357a9f21b1592760b
SHA512

2ded3381e97a99ae3abe5d75db3884c11f04a02c9a313f58327af830a6459533e95441c006e8d2d8752ebc600d77ed16f1ccb9d40d8be16fd703aa78ff59fc84
SSDEEP

3072:5ejlsAWv9bXFk8Qzmx9v0sa94DK6gYe974wgCNgXdPVqm:5eRRWv9Vk8Qzm/sBlKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30393f3cbd48b3794d2489b4f33bf2fe_JaffaCakes118

Files

30393f3cbd48b3794d2489b4f33bf2fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e425d776ce69b8b3addeb4585a95f50f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentThreadId
HeapFree
IsBadHugeReadPtr
LoadResource
VirtualAlloc
LoadLibraryA
InitializeCriticalSection

shlwapi

SHStrDupA
PathFileExistsA
SHQueryInfoKeyA
PathIsDirectoryA

gdi32

GetCurrentPositionEx
GetDIBColorTable
GetBitmapBits
GetDCOrgEx

comdlg32

FindTextA

user32

LoadIconA
GetSysColor
GetMenu
GetSubMenu
CreatePopupMenu
IsWindow
GetSysColorBrush
GetScrollRange

Exports

Exports

_X2pUtE@8
_7jVhO
_hOmZX@20
_vLkiYMX@20

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ