Static task
static1
Behavioral task
behavioral1
Sample
30dc688aff005635feb03562a1333cef_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
30dc688aff005635feb03562a1333cef_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
30dc688aff005635feb03562a1333cef_JaffaCakes118
Size
495KB
MD5
30dc688aff005635feb03562a1333cef
SHA1
451b8e38b585005bbb964142f12668761fd1d7eb
SHA256
7c1b73a3a286b0fb96edeb1e95b7b3decb9a06d5299c8222d82e8936ee00ab7a
SHA512
2095a82aee927e098dcb014f5861656b4cfe35d479f387d6abc504613f24a742361450b9ff65acf5d09a23f6fef1cc426bd0f8990fa4c639ec321c5e74fc41d9
SSDEEP
6144:t9VtSXumdPYRBqUJbfl612z5NCsx/kihooS3Mp6kktEI4aceUtj4LsaT67zJjIQ:FGu8P0zNCM3ucp6kkSIjA03m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 30dc688aff005635feb03562a1333cef_JaffaCakes118
Files
30dc688aff005635feb03562a1333cef_JaffaCakes118.exe windows:4 windows x86 arch:x86
bfcf3bbebfe3daf99ae30410bef826d4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
GetOpenFileNameA
PageSetupDlgW
GetFileTitleA
GetSaveFileNameW
comctl32
InitCommonControlsEx
user32
LoadStringW
CascadeWindows
GetInputState
LookupIconIdFromDirectory
RegisterClassA
GetMenuBarInfo
IsDlgButtonChecked
GetClipboardFormatNameW
CallNextHookEx
CreateAcceleratorTableW
MonitorFromRect
InSendMessage
LoadImageA
ExitWindowsEx
GetClassInfoExW
RegisterClassExA
UnhookWindowsHookEx
CallWindowProcW
CreateDialogIndirectParamW
RegisterClassExW
GetAsyncKeyState
FindWindowA
KillTimer
InvalidateRect
GetClipboardSequenceNumber
TileChildWindows
DialogBoxParamA
kernel32
VirtualAlloc
WritePrivateProfileSectionW
GetModuleFileNameA
LoadLibraryA
GetCurrentProcess
TlsFree
MultiByteToWideChar
CreatePipe
GetModuleHandleA
GetOEMCP
SetEnvironmentVariableA
HeapReAlloc
TerminateProcess
GetStartupInfoA
CreateMutexA
IsBadWritePtr
GetTimeZoneInformation
GetVersion
FlushFileBuffers
SetFilePointer
GetEnvironmentStrings
lstrcmp
HeapDestroy
InterlockedDecrement
HeapFree
ReadFile
FreeEnvironmentStringsW
WideCharToMultiByte
GetLocalTime
TlsGetValue
GetLastError
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualUnlock
GetSystemTime
TlsAlloc
ExitProcess
CloseHandle
HeapAlloc
LeaveCriticalSection
WriteFile
SetStdHandle
GetCurrentThread
VirtualFree
GetProcAddress
SetLastError
GetEnvironmentStringsW
LCMapStringA
CompareStringW
TlsSetValue
DeleteCriticalSection
LockResource
InitializeCriticalSection
GetCurrentProcessId
GetFileType
LCMapStringW
GetTickCount
EnterCriticalSection
GetCurrentThreadId
SetHandleCount
GetCommandLineA
UnhandledExceptionFilter
OpenMutexA
HeapCreate
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetStringTypeA
VirtualQuery
GetStdHandle
CompareStringA
InterlockedIncrement
GetStringTypeW
InterlockedExchange
RtlUnwind
Sections
.text Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 311KB - Virtual size: 310KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ