30422e19f990d2a324317e6074857b8a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

30422e19f990d2a324317e6074857b8a_JaffaCakes118
Size

497KB
MD5

30422e19f990d2a324317e6074857b8a
SHA1

0d972e4a82ff59fe73a8460c85c23d9b38280a58
SHA256

adfff01fa4e40d0f4d13f2522613d50faf55127f93b452fbea4775ea3972d1f8
SHA512

0c05bed27be4db4cb0314a39b059f41fdd8d43c2f71d9b34c613990885d0f4b6887ac59b117950f56faabfa11c16a4e12fca122255829a81ce241a7fb6871fb9
SSDEEP

12288:arYqh8r1+uP5BnTEQftNr+sVf3Fl9+KblZJoJ:a9Cr1LP5BnTjtw+Fl9+KbvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30422e19f990d2a324317e6074857b8a_JaffaCakes118

Files

30422e19f990d2a324317e6074857b8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57138462262dd6f7bc04ae4c1d1727da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

WaitForInputIdle
RegisterClassExA
FlashWindow
AppendMenuA
DrawTextA
GetWindowLongW
IsCharLowerW
RegisterClassA

kernel32

SetFilePointer
OpenMutexA
GetLastError
LeaveCriticalSection
GlobalUnlock
EnumResourceNamesW
GetProcessHeap
GetLocaleInfoA
DeleteCriticalSection
SetUnhandledExceptionFilter
InterlockedCompareExchange
TlsGetValue
CompareStringA
GetCommandLineA
GlobalAlloc
FlushFileBuffers
GetTimeZoneInformation
CreateSemaphoreW
EnumResourceLanguagesW
GetConsoleCP
GetDateFormatA
LoadLibraryA
EnumSystemLocalesA
GetPrivateProfileSectionNamesW
GetTimeFormatA
OpenSemaphoreW
GetProcAddress
TerminateProcess
CreatePipe
GetConsoleOutputCP
LCMapStringA
VirtualQuery
UnhandledExceptionFilter
SetHandleCount
InitializeCriticalSection
lstrcmpiA
SetLocalTime
FreeEnvironmentStringsA
GetStringTypeA
CreateNamedPipeW
GetPrivateProfileSectionNamesA
GetUserDefaultLCID
SetLastError
LocalFree
GetCurrentProcess
FindResourceExW
HeapReAlloc
ReadFile
VirtualFree
CloseHandle
GetCurrentProcessId
GetStringTypeW
FreeLibrary
SetCurrentDirectoryA
WriteFile
EnterCriticalSection
GetConsoleMode
LCMapStringW
IsValidLocale
GetACP
CreateMutexA
HeapCreate
GetCurrentThread
TlsAlloc
GetLocaleInfoW
HeapSize
SetEnvironmentVariableA
GetStdHandle
MultiByteToWideChar
IsValidCodePage
WriteConsoleA
FileTimeToDosDateTime
SetStdHandle
FreeEnvironmentStringsW
TlsFree
InterlockedDecrement
GetTimeFormatW
HeapAlloc
VirtualAlloc
GetTickCount
lstrcmpiW
GetNamedPipeHandleStateW
GetCurrentThreadId
GetEnvironmentStringsW
HeapDestroy
GetFileType
GetOEMCP
GetEnvironmentStrings
GetSystemTimeAsFileTime
WritePrivateProfileStringA
RtlUnwind
GetStartupInfoA
GetModuleHandleA
GetVersion
WriteConsoleW
QueryPerformanceCounter
CompareStringW
IsDebuggerPresent
GetVersionExA
InterlockedExchange
SetConsoleCtrlHandler
WideCharToMultiByte
HeapFree
ExitProcess
InterlockedIncrement
CreateFileA
GetModuleFileNameA
Sleep
GetCPInfo
TlsSetValue

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57138462262dd6f7bc04ae4c1d1727da

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 21KB - Virtual size: 51KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 21KB - Virtual size: 51KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 12KB - Virtual size: 11KB