30eb00c7fccff820eba405778fc9a531_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30eb00c7fccff820eba405778fc9a531_JaffaCakes118
Size

325KB
MD5

30eb00c7fccff820eba405778fc9a531
SHA1

4645acee3648a1fd51a302832073e070d2ef9583
SHA256

3a0721abad5af1e5e8d6795a430e79f8a65503c7b36840d0374acf86372de56f
SHA512

5baa94275b9118dafbcff677b0ae63c3666b9ff8d369f8ce4e89a6ed8c53697994685f41ac03b8e5a260ddb5eb90ff5e7803d3f04bf2278f574a7758baedad00
SSDEEP

6144:1bH+HavOx2wYW+zbZ1oJMlxJSXVNo4jrqMToErf9/2oOrF:1bH+HZ2wYzV1oJMBSXVNoesE79/2N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30eb00c7fccff820eba405778fc9a531_JaffaCakes118

Files

30eb00c7fccff820eba405778fc9a531_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19b0a7c1697ce8cf9eaa5bd95eb164fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

SendMessageTimeoutA
GetWindowTextW
DrawFocusRect
SystemParametersInfoA
EnumDesktopsW
DlgDirListW
DestroyCaret
RegisterClassExA
PostThreadMessageA
SetWindowLongA
RegisterClassA
DefMDIChildProcW
DlgDirSelectComboBoxExA
IsCharUpperW
AppendMenuW
GetClassWord
GetGUIThreadInfo

kernel32

MultiByteToWideChar
GetTimeZoneInformation
SetFilePointer
LoadLibraryA
HeapAlloc
GetModuleFileNameA
OpenSemaphoreW
OpenMutexA
GetLastError
GetProcessHeap
DeleteCriticalSection
SetStdHandle
TerminateProcess
GetCommandLineA
GetDateFormatA
GetStdHandle
GetFileAttributesExA
GetStartupInfoW
InterlockedIncrement
GetOEMCP
ExitProcess
TlsSetValue
IsDebuggerPresent
TlsFree
GetUserDefaultLCID
FreeEnvironmentStringsW
FreeLibrary
GetStringTypeA
IsValidLocale
GetThreadContext
HeapSize
CreateMutexA
SetEnvironmentVariableA
CompareStringW
GetEnvironmentStrings
CloseHandle
HeapCreate
FlushFileBuffers
VirtualAlloc
WriteConsoleW
GetStringTypeW
SetLastError
GetFileType
CreateSemaphoreA
WriteFile
GetTickCount
EnterCriticalSection
LCMapStringA
SetHandleCount
InterlockedDecrement
GetLocaleInfoW
GetSystemTimeAsFileTime
LeaveCriticalSection
GetCurrentProcess
HeapReAlloc
FreeEnvironmentStringsA
GetLocaleInfoA
GetStartupInfoA
Sleep
UnhandledExceptionFilter
GetCurrentThreadId
lstrcpy
SetConsoleCtrlHandler
GetModuleHandleA
HeapDestroy
EnumSystemLocalesA
GetConsoleOutputCP
VirtualFreeEx
LCMapStringW
SetUnhandledExceptionFilter
RtlUnwind
VirtualQuery
CreateFileA
WriteConsoleA
ReadFile
GetVersionExA
TlsGetValue
GetCurrentThread
GetACP
GetProcAddress
IsValidCodePage
HeapFree
GetTimeFormatA
GetCPInfo
GetModuleHandleW
TlsAlloc
InterlockedExchange
GetConsoleMode
InitializeCriticalSection
GetTimeFormatW
GetConsoleCP
GetCommandLineW
GetCurrentProcessId
GetEnvironmentStringsW
GetModuleFileNameW
QueryPerformanceCounter
CompareStringA
VirtualFree
WideCharToMultiByte

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19b0a7c1697ce8cf9eaa5bd95eb164fc

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 14KB - Virtual size: 39KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 14KB - Virtual size: 39KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 11KB - Virtual size: 11KB