Static task
static1
Behavioral task
behavioral1
Sample
30d7225f2a015423a68ec38eedca29cc_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
30d7225f2a015423a68ec38eedca29cc_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
30d7225f2a015423a68ec38eedca29cc_JaffaCakes118
Size
191KB
MD5
30d7225f2a015423a68ec38eedca29cc
SHA1
0a07bf63f3a55438e4c67ce39169c46432bd5ab5
SHA256
33deda99a482d9e3b220e2e44bba11c7ea6f32b3bbf37bf85e427239006ef291
SHA512
30c9ed263d31dfb5dd4ec3804df2511067fb05ce251571a53f742a18333c4c45a8696815b44b71d176c019cd5e3cb38e9ae0b9f167e3595b45cb59dea9a6298a
SSDEEP
3072:Eb7ONCuLt9GeEJzHisbhOpHYlnG0GvktlSWxRBfCFr4B8CvpuA7j7o7:mOsuLtPEJbKpHYlnG0GvulBzBCMppt70
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 30d7225f2a015423a68ec38eedca29cc_JaffaCakes118
Files
30d7225f2a015423a68ec38eedca29cc_JaffaCakes118.exe windows:4 windows x86 arch:x86
1162458a74444a7b14bbd16c58d6bc09
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
QueryPerformanceCounter
GetLocaleInfoA
DeleteCriticalSection
GetConsoleOutputCP
GetCurrentProcessId
LCMapStringA
GetOEMCP
SetProcessAffinityMask
GetSystemTimeAsFileTime
CreateFileA
GetStringTypeW
GlobalLock
GetEnvironmentStringsW
OutputDebugStringW
IsValidCodePage
FlushFileBuffers
MoveFileW
GetLocalTime
GlobalAlloc
WriteConsoleA
InterlockedIncrement
CreateFileW
GetCPInfo
GetCurrentThreadId
InterlockedDecrement
Sleep
CreateEventW
EnumResourceTypesA
LCMapStringW
SetNamedPipeHandleState
GetStringTypeA
FreeEnvironmentStringsA
GetACP
WaitForSingleObject
WriteFile
GetEnvironmentStrings
ReadFile
WriteConsoleW
SetEndOfFile
SetStdHandle
TerminateThread
FreeEnvironmentStringsW
GetModuleFileNameW
SetEvent
CreateProcessW
WaitForMultipleObjects
GlobalUnlock
imm32
ImmAssociateContext
ole32
CoMarshalHresult
CoQueryProxyBlanket
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
CoInitializeSecurity
StringFromGUID2
Sections
.text Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 380KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ