30f0c7bc76baba2ad9ff0a1a652a7dc5_JaffaCakes118

General

Target

30f0c7bc76baba2ad9ff0a1a652a7dc5_JaffaCakes118
Size

128KB
MD5

30f0c7bc76baba2ad9ff0a1a652a7dc5
SHA1

ced5e4eed6797a7b0fecabb7fae83d291732266d
SHA256

16c757d622a5724dd0982af094c84226c09d0387207721200acbd4da75d79238
SHA512

aba605dc49d84bccabda0c5f9af1f8f131667dfbd0776b915b72825cacd37e1988e17ae844c9599e31f53a9e307fb07a4f3c9da61713e264ef309c44646ca358
SSDEEP

768:dZ2WQB+rX4ruvMef/dLuNS1+Z31ULl4sJSUE6BKV2YkvjgTw9cNKft7uGpAcuAZ:dRQB+rUw9/Ek+e4OikvjgTUducA1s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f0c7bc76baba2ad9ff0a1a652a7dc5_JaffaCakes118

Files

30f0c7bc76baba2ad9ff0a1a652a7dc5_JaffaCakes118
.exe windows:1 windows x86 arch:x86

acfb323ab3cbf11ee7438f47c1cd7232

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetCommandLineA
GetFileSize
GetFileTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetProcAddress
GetSystemTime
CloseHandle
GetWindowsDirectoryA
LoadLibraryA
CopyFileA
MapViewOfFile
Process32First
Process32Next
ReadFile
CreateEventA
RtlUnwind
CreateFileA
CreateFileMappingA
SetFilePointer
UnmapViewOfFile
WaitForSingleObject
WriteFile
CreateToolhelp32Snapshot

user32

GetParent
IsWindow
IsWindowVisible
GetWindowThreadProcessId
GetClassNameA
MessageBoxA
GetWindowLongA
SetWindowsHookExA
UnhookWindowsHookEx
SendMessageA
ShowWindow
CreateWindowExA

crtdll

_gcvt
_iob
_itoa
__GetMainArgs
_strnicmp
exit
fputc
free
localeconv
malloc
memcpy
memmove
memset
pow
qsort
raise
rand
realloc
signal
strcat
strchr
strcmp
strncmp
strncpy
strrchr
strtol
wcslen
wctomb

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

acfb323ab3cbf11ee7438f47c1cd7232

Headers

File Characteristics

Imports

kernel32

user32

crtdll

Sections

.text Size: 29KB - Virtual size: 29KB

.bss Size: - Virtual size: 1KB

.rdata Size: 88B - Virtual size: 88B

.data Size: 3KB - Virtual size: 3KB

.idata Size: 1KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 29KB

.bss
Size: - Virtual size: 1KB

.rdata
Size: 88B - Virtual size: 88B

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 1KB - Virtual size: 1KB