30caa663e0ce69164b07e6808087add8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30caa663e0ce69164b07e6808087add8_JaffaCakes118
Size

80KB
MD5

30caa663e0ce69164b07e6808087add8
SHA1

59cfcbbf647db799131dc864f6e863cecfb13cfd
SHA256

8ca7cada68ea01b0d0b4afa3ef7f3e2c7d830caaaf911a68c0f68106d9018547
SHA512

a4acb49b4229fdc0a72e5a73dd4f4d0b8b4a74ca40202068da08218f8a9dc8e270c9635fa2ff28ab1c3f89fbdb75dd9274477c24935c3da370f21c36a9edc2cb
SSDEEP

1536:oWvynbUvpgVMfH1YLkq311n52F0m7gCz6S:oWdpgV4H1C31QR+S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30caa663e0ce69164b07e6808087add8_JaffaCakes118

Files

30caa663e0ce69164b07e6808087add8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1820d0763180525e33029fd2a9d28c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
Sleep
GetModuleHandleA
GetProcAddress

query

DoneCIISAPIPerformanceData

duser

GetGadgetRgn
IsStartDelete
AttachWndProcA
CreateGadget
GetGadget
DUserGetRectPRID
SetGadgetRootInfo
RegisterGadgetProperty
SetGadgetScale
DUserFindClass
DUserCastHandle
InvalidateGadget
BuildDropTarget
DUserGetGutsData

user32

MessageBoxIndirectA
LoadIconW
GetMenuItemInfoA
wsprintfA
DestroyCursor
SendDlgItemMessageA
DialogBoxParamW
TrackPopupMenu
GetDlgItemInt
SetFocus
CreateWindowExW
GetTopWindow
GetCaretPos
GetWindowRgn
WinHelpW
CreateMenu
ShowCaret
LoadImageW
IsWindow
EnumWindows
GetDlgItemTextW
SetParent
ShowWindow
CharPrevW
SetWindowTextW
SetActiveWindow
InvalidateRect
PostMessageW
MonitorFromWindow
ActivateKeyboardLayout
GetClassInfoExW
GetMenuItemRect
WaitForInputIdle
AppendMenuA
GetCapture
EndMenu
SendMessageW
CopyRect
RemoveMenu
GetSysColor
OffsetRect
DestroyIcon
CreateAcceleratorTableW
MoveWindow
MessageBoxW
UpdateLayeredWindow
UnregisterClassA

gdi32

DeleteObject
SetEnhMetaFileBits
CreateFontW
GetEnhMetaFilePixelFormat
CreateFontIndirectExA
UpdateICMRegKeyA
UpdateICMRegKeyW

Sections

.icode
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IdDi
Size: 3KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 10KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1820d0763180525e33029fd2a9d28c5c

Headers

File Characteristics

Imports

kernel32

query

duser

user32

gdi32

Sections

.icode Size: 9KB - Virtual size: 9KB

.text Size: 17KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 16KB

.IdDi Size: 3KB - Virtual size: 266KB

.edata Size: 8KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 79KB

.edata Size: 10KB - Virtual size: 84KB

.rsrc Size: 22KB - Virtual size: 21KB

.icode
Size: 9KB - Virtual size: 9KB

.text
Size: 17KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 16KB

.IdDi
Size: 3KB - Virtual size: 266KB

.edata
Size: 8KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 79KB

.edata
Size: 10KB - Virtual size: 84KB

.rsrc
Size: 22KB - Virtual size: 21KB