30f2f837cd9966a200dda53e7ad84f84_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30f2f837cd9966a200dda53e7ad84f84_JaffaCakes118
Size

592KB
MD5

30f2f837cd9966a200dda53e7ad84f84
SHA1

2c95349336ee3c166134c8862c20ec3582c557b5
SHA256

3193af4736d7f424394edc1c050a5bb61799499c15266bfd1a7860123a6662ab
SHA512

afee001c3e535aaf4da721cbe85116f8aac6f172a7d62f56cc1006ac022204e7905ec60210432c556f968450d78e4d15b1f56ff9e43e920bf7c594ccfde960bf
SSDEEP

12288:ubiWmPoDcPrBUl2rGUYp2upRj6mKJkucUbonE6+iwnH/oJxme5AgMBG:ubiWWzCl2yXpRj6wucUbPZnH/oJMe7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f2f837cd9966a200dda53e7ad84f84_JaffaCakes118

Files

30f2f837cd9966a200dda53e7ad84f84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca1c7853b29bed02bab5cfa77f707413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
DeleteCriticalSection
TlsSetValue
lstrlenW
Sleep

user32

GetKeyboardType
WindowFromPoint

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

imm32

ImmSetCompositionWindow

Exports

Exports

DE_CreateInstance
DE_GetCatalogClassId
DE_GetCatalogDescribe
DE_GetCatalogIcon
DE_GetCatalogName
DE_GetCatalogParentId
DE_GetCatalogPriority
DE_GetCatalogSize
DE_GetClassId
DE_RegisterCommonDll

Sections

.text
Size: 64KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 484KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ca1c7853b29bed02bab5cfa77f707413

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

ole32

comctl32

imm32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 176KB

.rsrc Size: 28KB - Virtual size: 44KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 608KB

.data Size: 484KB - Virtual size: 484KB

.data Size: 4KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 176KB

.rsrc
Size: 28KB - Virtual size: 44KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 608KB

.data
Size: 484KB - Virtual size: 484KB

.data
Size: 4KB - Virtual size: 4KB