30d8ef067a2ee89a172c7e284ea1ac1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30d8ef067a2ee89a172c7e284ea1ac1e_JaffaCakes118
Size

108KB
MD5

30d8ef067a2ee89a172c7e284ea1ac1e
SHA1

0fbfbc1ee7b7ebe35e755118ecd913beee544c70
SHA256

9ecac207cc5b84d1ee40a184321afcd69bcc2e4ac7905a93694f5b8037e6a157
SHA512

c5ad0df72132a296ad4beb334e0030cf952314e14bca7d8c48dcd0ebbe276166c612c1db119b4a0b052dbd8b5a0378baed67c8d4386a8b3758c422bc4bac0c0d
SSDEEP

1536:VhkIcYA5swVYQd/xOfThnqmuHIfXGCVQFC6UYVMvwagWGj:PKYZwVYMJ+hqRQXGujCVksj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30d8ef067a2ee89a172c7e284ea1ac1e_JaffaCakes118

Files

30d8ef067a2ee89a172c7e284ea1ac1e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2d7bd431376ea058e7aa4dfb128a7790

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
InterlockedExchange
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
VirtualProtect
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
WideCharToMultiByte
CreateSemaphoreW
GetTickCount
GetCommandLineA
SystemTimeToFileTime

advapi32

FreeSid
EqualSid

ole32

CoTaskMemAlloc
CoTaskMemFree

msvcrt

memmove
__CxxFrameHandler
_except_handler3
_adjust_fdiv
_amsg_exit
_initterm
free
_XcptFilter
wcslen
wcscmp
_wcsicmp
wcsspn
_CxxThrowException
malloc

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 958B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ