30d365e6879d4c27baedc3efe32fd7f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30d365e6879d4c27baedc3efe32fd7f3_JaffaCakes118
Size

22KB
MD5

30d365e6879d4c27baedc3efe32fd7f3
SHA1

345ddb1105c26c3d10b1fb6c9df13b350ba65fd9
SHA256

76c6d6b9c9e54d5f251aef4fd7ceed04bc2b87a3be2fcc969fd114353805b5ee
SHA512

887e0bc45d5bd1b7d4207b93479ba0c0ada3cb5c4f283923de48a62583ce9260d81627389f8f672b31bff54da31eb653bd4ae99f7b1370c057f5274c9f63e38a
SSDEEP

384:PJ0j855IS2LF73prI1tgRIH9iDB40gGOVmLLyH6cicSknACk0zcQh:PJg855IScFtSTiDRdSmLL6HMkACjzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30d365e6879d4c27baedc3efe32fd7f3_JaffaCakes118

Files

30d365e6879d4c27baedc3efe32fd7f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e903f3554cca40a61c374d5fdf42007d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetTickCount
Sleep
SetEvent
OpenEventA
GetModuleHandleA
CloseHandle
GetStartupInfoA

user32

LoadIconA
CreateWindowExA
ShowWindow
UpdateWindow
LoadCursorA
RegisterClassA

msvcrt

_adjust_fdiv
malloc
_controlfp
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_exit
__p__commode
__p__fmode
__set_app_type
_except_handler3

gdi32

GetStockObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE