30555f4f6b44fe8924fafa6aaebdf80f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30555f4f6b44fe8924fafa6aaebdf80f_JaffaCakes118
Size

224KB
MD5

30555f4f6b44fe8924fafa6aaebdf80f
SHA1

785063e66c096cd107729be3694b7e548e7c6a69
SHA256

59b772f3a345b2d6b95f8ce5d31bb13019bcab05b63aad1c88a4f12cd4359563
SHA512

e90f81fb07ce533e095a543c2d0ee2918506ae7c1e7223948ffef2a9b2f69828da1eb3be61a8f99b491ba7f6f7706313244e0c61538d231295382a6d2877c7a1
SSDEEP

3072:vc6puEPhZQBF5oEoUKPMomBHezRPYSnkaOQv5Gs0NXotJtVYYig25008jIEGB+yf:vRPeFN5V3whO6io7fhZc+mf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30555f4f6b44fe8924fafa6aaebdf80f_JaffaCakes118

Files

30555f4f6b44fe8924fafa6aaebdf80f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43869c043e872f0de09e8650ffe32563

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetTickCount
LocalFree
Sleep
GetCommandLineW
GetVersion
GetUserDefaultLangID
CompareStringA
GetThreadLocale
lstrcatA
GlobalMemoryStatus
Beep
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
GetLastError
lstrlenA
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
SetLastError
SwitchToThread
CloseHandle
GetCurrentThread
GetLocaleInfoW
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
GlobalAlloc
GetNumberFormatA
IsBadReadPtr
SetThreadPriority
GetCurrentThreadId
CreateFileA
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
IsBadWritePtr
VirtualAlloc
RaiseException
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree

user32

GetClipCursor
GetWindowRect
MessageBoxA
GetQueueStatus
LoadCursorA
OpenClipboard
EmptyClipboard
IsCharAlphaA
CharNextA
IsWindowVisible
PostMessageA
LoadCursorFromFileA
wsprintfA
SetCursorPos
GetThreadDesktop
GetUserObjectInformationA
GetForegroundWindow
GetDC
IsClipboardFormatAvailable

gdi32

GetObjectType
DeleteDC
Ellipse
CreateCompatibleDC

shell32

CommandLineToArgvW
FindExecutableA

shlwapi

PathAppendA
PathIsSameRootA
PathGetCharTypeA

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43869c043e872f0de09e8650ffe32563

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 136KB - Virtual size: 136KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 136KB - Virtual size: 136KB