Static task: static1
Behavioral task: behavioral1
Sample: 30a5d5332d1f5c0d84de387c589cfee7_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 30a5d5332d1f5c0d84de387c589cfee7_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 30a5d5332d1f5c0d84de387c589cfee7_JaffaCakes118
Size: 392KB
MD5: 30a5d5332d1f5c0d84de387c589cfee7
SHA1: 29a1be802d670c621f8b10060b52858e4428e0af
SHA256: 504b62ac9056c55791a735ebc49a72962065771e4a0b94690fda33eb8854a99a
SHA512: d3792256fdf93de29b7b2397986be9bff28446a956797e35909f983fd21b92b2d6d4ecbca72bf8928e36967e3bbbc2433b7b460c8152a2a74373f97111ce09e5
SSDEEP: 6144:EAubVaHDq/NGS9E9xM+pYG+yQcK30XYWhjkSNl04y8oN8XCtGV7Oykq+DzyfZ5:QVgFSgDDK30IWjkSNl049a8KGBQZvyf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 30a5d5332d1f5c0d84de387c589cfee7_JaffaCakes118
Files
30a5d5332d1f5c0d84de387c589cfee7_JaffaCakes118.exe windows:4 windows x86 arch:x86
6b6f6197e3292798e90929f6fd3bc67c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
DeleteCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
VirtualFree
GetEnvironmentStringsW
HeapAlloc
LoadLibraryA
GetStartupInfoA
TlsAlloc
GetCommandLineA
GetProfileIntA
GetEnvironmentStrings
HeapDestroy
InterlockedExchange
GetTickCount
GetVersion
GetModuleHandleA
TlsFree
GetCommandLineW
SetLastError
MultiByteToWideChar
GetModuleFileNameA
SetHandleCount
WaitForDebugEvent
GetCurrentThreadId
TlsSetValue
InitializeCriticalSection
GetProcAddress
GetLastError
WriteFile
HeapFree
FreeEnvironmentStringsA
LeaveCriticalSection
GetPrivateProfileIntA
IsBadWritePtr
VirtualQuery
GetStartupInfoW
TlsGetValue
GetSystemTimeAsFileTime
HeapCreate
GetCurrentProcessId
GetModuleFileNameW
UnhandledExceptionFilter
HeapReAlloc
RtlUnwind
ExitProcess
GetFileType
GetCurrentThread
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
advapi32
CryptGetKeyParam
RegRestoreKeyA
RegFlushKey
RegQueryMultipleValuesA
RegSaveKeyW
ReportEventW
RegLoadKeyA
wininet
InternetWriteFileExW
InternetCombineUrlW
InternetGetConnectedStateExA
HttpOpenRequestA
DeleteUrlCacheEntryA
DeleteIE3Cache
FreeUrlCacheSpaceA
InternetCanonicalizeUrlW
InternetOpenW
InternetGetConnectedState
GopherGetAttributeA
ShowClientAuthCerts
FindCloseUrlCache
ShowCertificate
InternetCheckConnectionW
InternetConfirmZoneCrossing
DeleteUrlCacheContainerA
CreateUrlCacheEntryW
CommitUrlCacheEntryW
InternetDialW
FtpPutFileA
InternetShowSecurityInfoByURLA
FindFirstUrlCacheEntryExW
InternetCheckConnectionA
InternetGoOnline
comdlg32
ChooseColorA
FindTextA
ChooseColorW
GetFileTitleA
PrintDlgA
Sections
.text Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 265KB - Virtual size: 265KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ