30d6b77f72e45aa6c41dc663a6a946e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

30d6b77f72e45aa6c41dc663a6a946e2_JaffaCakes118
Size

47KB
MD5

30d6b77f72e45aa6c41dc663a6a946e2
SHA1

265437ea785ac9fda2f43473ce7b6a76bb496e9c
SHA256

a656d394a8c0c0c6d2416334f0b57256c80f48f9480e8a33ec5269e8e3b41d89
SHA512

496ab5c1302b1dccfdf88c86fe09ad32d973b8f44277c8af3101f6b65bd366951ad30b7bcba3941eda201527860a1bf0005fb57ec2f0d1917ed2ccf9683e69a8
SSDEEP

768:TcXhP/gOzf8X6ElMTaUMMnMMMMMQqvuOYQIYQDFbUcSbHbdX3kd9eLvV0lgE4OrF:4F/gQ8X62MTaUMMnMMMMMQqvuOYQIYQF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30d6b77f72e45aa6c41dc663a6a946e2_JaffaCakes118

Files

30d6b77f72e45aa6c41dc663a6a946e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

adb93bc0d08a27b53a39c5f446fb3672

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rtutils

TraceDumpExA

gdi32

SetTextColor
GetPixel
SetBkColor
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
DeleteObject
CreateSolidBrush
SetStretchBltMode
GetObjectW
SelectObject
DeleteDC
SetPixel
GetPaletteEntries
StretchBlt
CreateDIBSection
BitBlt

kernel32

WriteFile
TerminateProcess
GetVersion
InitializeCriticalSection
HeapDestroy
RtlUnwind
FreeLibrary
GetModuleHandleW
GlobalLock
LeaveCriticalSection
WaitForMultipleObjectsEx
lstrlenA
GetModuleFileNameW
GetTimeZoneInformation
GlobalFree
FreeLibraryAndExitThread
SetUnhandledExceptionFilter
GetVersionExW
GetCurrentThreadId
lstrcmpiW
UnhandledExceptionFilter
DeleteCriticalSection
GetUserDefaultLCID
SetFilePointer
GlobalHandle
LoadLibraryW
GetSystemInfo
GetCurrentProcessId
DisableThreadLibraryCalls
CreateEventW
HeapAlloc
GetProcAddress
QueryPerformanceCounter
GetModuleHandleExW
CompareStringW
CreateFileW
MultiByteToWideChar
VirtualAlloc
CloseHandle
VirtualProtect
GetSystemTimeAsFileTime
GlobalReAlloc
GetLocalTime
InterlockedCompareExchange
CreateThread
GetLastError
HeapReAlloc
GetFileSize
GetProcessHeap
HeapFree
GetSystemTime
VirtualQuery
SystemTimeToFileTime
GlobalSize
InterlockedExchange
Sleep
InterlockedIncrement
GlobalUnlock
GlobalAlloc
EnterCriticalSection
ReadFile
WaitForSingleObjectEx
GetTickCount
SetEvent
lstrlenW
InterlockedDecrement
GetCurrentProcess

ddraw

DirectDrawCreate

ole32

StringFromCLSID
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StringFromGUID2
OleRun
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
CLSIDFromString

ntdll

RtlAddAccessAllowedObjectAce
NtQuerySemaphore
NtQuerySystemEnvironmentValueEx
RtlAdjustPrivilege

user32

LoadStringW
MapWindowPoints
ReleaseCapture
DefWindowProcW
CopyRect
GetSystemMetrics
TranslateMessage
MsgWaitForMultipleObjects
LoadImageW
ReleaseDC
CharUpperW
KillTimer
DispatchMessageW
PeekMessageW
RegisterClassExW
PostMessageW
SetRectEmpty
FillRect
DestroyWindow
IsCharAlphaW
GetDC
SystemParametersInfoW
IntersectRect
RegisterClassW
EqualRect
SetWindowLongW
IsCharAlphaNumericW
SetRect
CreateWindowExW
GetWindowLongW
SetTimer

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

adb93bc0d08a27b53a39c5f446fb3672

Headers

DLL Characteristics

File Characteristics

Imports

rtutils

gdi32

kernel32

ddraw

ole32

ntdll

user32

advapi32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 80KB

.rsrc Size: 29KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 56B

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 80KB

.rsrc
Size: 29KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 56B

.idata
Size: 4KB - Virtual size: 3KB