30cabadd442c93e89b60e3743940314a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30cabadd442c93e89b60e3743940314a_JaffaCakes118
Size

79KB
MD5

30cabadd442c93e89b60e3743940314a
SHA1

861a9fc421ae04755a97956bcf2f855c6a010ac1
SHA256

973f2d6154fed1d6845a9dafb3799618b987c328d3e0cdcf6f595e9795c2d069
SHA512

eecdc76b7aadb810264bd2514d75b05d54215a3323265b0574a769d8456a5a22cb746e76fa6edb10824596dad161e2c2803e2a0c6bf8333767b10e9cccf567f0
SSDEEP

1536:CpxQ2b6ktcCnrqfdKXItSU260jJ7TWpFoCGCY66wSEc:CpSW6wcCrq1KsI6097V0z6wSE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30cabadd442c93e89b60e3743940314a_JaffaCakes118

Files

30cabadd442c93e89b60e3743940314a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b916a945183dcde74b63aedf34c2fdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetTickCount
GetModuleFileNameA
GetLastError
GlobalAlloc
LoadResource
LockResource
MultiByteToWideChar
ResetEvent
GlobalFree
ExitThread
SetLastError
SetThreadPriority
SizeofResource
Sleep
WaitForSingleObject
WriteFile
lstrcatA
lstrcpyA
lstrlenA
FlushFileBuffers
FindResourceA
CreateMutexA
ExitProcess
CreateThread
SetEndOfFile
SetEvent
CreateEventA
CloseHandle
CreateFileA

user32

GetDlgCtrlID
GetDlgItem
GetDesktopWindow
GetWindowTextLengthA
DrawTextA
DispatchMessageA
GetSysColorBrush
GetSystemMenu
GetWindowDC
GetClientRect
GetCursorPos
InsertMenuItemA
InvalidateRect
IsDialogMessageA
IsIconic
IsWindowVisible
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MessageBoxA
GetWindowRect
FindWindowA
PtInRect
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetClassLongA
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowTextA
ShowWindow
TranslateMessage
wvsprintfA
DestroyIcon
DestroyCursor
DeleteMenu
CreateWindowExA
CreateDialogParamA
CharUpperBuffA
CharUpperA
BringWindowToTop
EnumChildWindows
EnableWindow
DestroyWindow
PostMessageA
PostQuitMessage
GetDlgItemTextA
GetDlgItemInt
GetMessageA

gdi32

CreateFontIndirectA
DeleteObject
CreateFontA
SelectObject
SetBkMode
GetObjectA
SetTextColor

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
SHGetDesktopFolder

comctl32

ord17

ole32

CoUninitialize
CoInitializeEx

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b916a945183dcde74b63aedf34c2fdd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

ole32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 76B

.rsrc Size: 61KB - Virtual size: 61KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 76B

.rsrc
Size: 61KB - Virtual size: 61KB