30d8849c7bc56132edfad1f5a17b0fc1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30d8849c7bc56132edfad1f5a17b0fc1_JaffaCakes118
Size

56KB
MD5

30d8849c7bc56132edfad1f5a17b0fc1
SHA1

da9c065fc0a71042b42c6351d61019f9ecbd9853
SHA256

6a329878a2776d32812dd52abbffd8ec923b28770e52da3e032f12f884aa0693
SHA512

382958d41dae011ce9550d06c4cfa70d25b753f5798ea291f99c09e839dd9a11f25ac358d4ebd3337dcd95ff45ab46897a403eea7ced0b9077de8c5425c94e6d
SSDEEP

768:0+DkPUMp4dSH2Gv8ld8SiKwG1hXuNuw3thk7myKiz1GEq91/4:Zksa4dSHv28kYh2JKH91/4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30d8849c7bc56132edfad1f5a17b0fc1_JaffaCakes118

Files

30d8849c7bc56132edfad1f5a17b0fc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

821aa901c3bb3d90bc9d58502a264faa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
SuspendThread
QueryDosDeviceW
GetLocalTime
SetWaitableTimer
GetCurrentProcess
LockResource
DuplicateHandle
VirtualAlloc
CreateWaitableTimerW
MoveFileW
LoadLibraryA
WaitForSingleObject
GetCurrentProcessId
GetProcAddress
CloseHandle
SizeofResource
MulDiv
FreeResource
GetFileAttributesW
GetVersion
SetEndOfFile
SetLastError

user32

SetCursorPos
DialogBoxParamW
VkKeyScanW
DestroyMenu
MessageBoxW
GetWindowDC
GetKeyState
GetSysColor
RegisterHotKey
ReleaseDC
CreatePopupMenu
LoadBitmapW
SendDlgItemMessageW
PostThreadMessageW
GetWindowTextW
PostMessageW
SetWindowTextW
SystemParametersInfoW
AppendMenuW
RedrawWindow
LoadIconW

gdi32

DPtoLP
SetBkMode
GetDeviceCaps
CreateSolidBrush
BitBlt
SetMapMode
SetDIBits

advapi32

RegCloseKey
RegQueryValueExW
SetSecurityDescriptorDacl

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE