Static task: static1
Behavioral task: behavioral1
Sample: 30ffd6885693cb50d81d19e23f8a4dea_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 30ffd6885693cb50d81d19e23f8a4dea_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 30ffd6885693cb50d81d19e23f8a4dea_JaffaCakes118
Size: 106KB
MD5: 30ffd6885693cb50d81d19e23f8a4dea
SHA1: 8a9c1dc415fdf0d34d64c1a57e9b0470e6804f58
SHA256: 46e1e8a57b9d5112e3f31f77584509a8919fc448c5807bb45e330f5b23d7f0cf
SHA512: 118936028762e592064638c5933a967b83167486aff89ec5c0ea6abdae3d4539219daa2c2c779f4d845ccd49761a502acc02d760b4ffe0c53495dab5f21c583e
SSDEEP: 1536:GTwPVx0EOIVvygs/iWMc0HwP5vRwTCskfSbS4ILyFIDMdmKnx9s9Q73q6TxOHP6q:GbIFyXMcawRv+essSJeAx4P68K
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 30ffd6885693cb50d81d19e23f8a4dea_JaffaCakes118
Files
30ffd6885693cb50d81d19e23f8a4dea_JaffaCakes118.exe windows:5 windows x86 arch:x86
a939d579d698391c222b9bf4134cab23
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GlobalFindAtomA
lstrlenW
lstrcmpiA
lstrcmpA
GetSystemTime
DeleteFileA
CopyFileA
QueryPerformanceCounter
RemoveDirectoryA
GetCommandLineA
GetWindowsDirectoryA
GetModuleHandleA
lstrcmpiW
VirtualAlloc
VirtualFree
RemoveDirectoryW
FindClose
gdi32
RectVisible
RestoreDC
GetDeviceCaps
DeleteObject
CreateFontIndirectA
SetTextColor
SelectPalette
SetMapMode
SaveDC
CreatePalette
LineTo
GetClipBox
GetStockObject
GetPixel
GetTextMetricsA
SelectObject
SetTextAlign
GetObjectA
user32
GetDesktopWindow
GetParent
GetSystemMetrics
TranslateMessage
CharNextA
GetDC
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ