30e95876c141d12b3796945e76d417ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30e95876c141d12b3796945e76d417ea_JaffaCakes118
Size

17KB
MD5

30e95876c141d12b3796945e76d417ea
SHA1

259b1df750328756cc51397f71958a0fa30fca39
SHA256

c8dbef3408609de11d062e1c4ec5121f3cb87af3e4f28b48d3be496a98c76342
SHA512

063bdb10834ec29d4d0ef8e330d62866b4c7a59a6e524c13d20792b1d5d5e34222a4248471b368b0fa7f728b1f41d6a8ac1dab05c3345e1884dc6da83f4623ea
SSDEEP

192:2gV4TjIwwqu/fCR7mjIbqXEzTM/U9jlMDCoHsvfS1lqHH+XKAxP3k/mGqvsvXqTD:SmaBmjSYU/hY307Axttm/2ix++92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30e95876c141d12b3796945e76d417ea_JaffaCakes118

Files

30e95876c141d12b3796945e76d417ea_JaffaCakes118
.exe windows:1 windows x86 arch:x86

8e63f8e34b55a9bbea0e38e83c58a52f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
CreateThread
EnterCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetTickCount
GetVersionExA
HeapFree
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
ReadFile
Sleep
UnhandledExceptionFilter
VirtualAlloc
lstrlenW

user32

BeginPaint
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetClientRect
GetDlgItem
GetFocus
GetParent
GetSysColor
GetSystemMetrics
GetWindowRect
IsWindow
LoadCursorW
LoadIconW
MessageBoxW
PostMessageW
PostQuitMessage
ReleaseDC
SendMessageW
SetDlgItemTextW
SetFocus

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ