030d9d3f3c47904d5c48f152307221cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

030d9d3f3c47904d5c48f152307221cf_JaffaCakes118
Size

424KB
MD5

030d9d3f3c47904d5c48f152307221cf
SHA1

7476b37763a95afff5dfbd86676038e666583070
SHA256

f37eb720e437b7df290f58a12d4a676436b3449b58ca289cda87ea4d2e799282
SHA512

e96d75dbc7b19f53c676b4bc6b193d9040b02795d92cbeecfa3ac80eb2463422eec51887e184c6367c73b49fd71cb0393ce6cc7e17b0fa7ffab31d1ce373e87d
SSDEEP

6144:Xy27tXmJb/mpCOYzQK8fVM4z5Qaee9NSvVfnFXdz7rmWljLoVnXMggrflLLa3Q:XH7eTmkgK8f+eovVfnHz7TLoVnXAV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
030d9d3f3c47904d5c48f152307221cf_JaffaCakes118

Files

030d9d3f3c47904d5c48f152307221cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44db0744c4976a7be12609dc309ab78c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetStdHandle
GetDiskFreeSpaceA
GetFileAttributesW
GetFileType
GetFileAttributesExA
HeapAlloc
LoadLibraryA
TlsAlloc
IsValidLocale
TlsSetValue
FreeEnvironmentStringsW
SetConsoleCtrlHandler
CompareStringW
SetHandleCount
SetLastError
GetPrivateProfileStructA
GetLocaleInfoW
GetOEMCP
ConnectNamedPipe
MultiByteToWideChar
FreeEnvironmentStringsA
GetStartupInfoA
GetACP
CloseHandle
GetSystemInfo
TlsGetValue
GetLocaleInfoA
GetProcAddress
WriteConsoleW
GetLastError
VirtualProtect
GlobalAddAtomA
EnumSystemLocalesA
CreateProcessA
GetTimeFormatA
VirtualQuery
IsValidCodePage
VirtualFree
LCMapStringW
CompareStringA
GetUserDefaultLCID
TlsFree
GetEnvironmentStringsW
HeapReAlloc
IsBadWritePtr
ExitProcess
EnumSystemLocalesW
ReadConsoleOutputW
VirtualAlloc
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
GetCurrentThread
GetVersionExA
HeapCreate
GetCurrentThreadId
LeaveCriticalSection
UnhandledExceptionFilter
EnterCriticalSection
GetDateFormatA
GetCurrentProcessId
GetModuleFileNameA
HeapSize
DeleteCriticalSection
GetComputerNameA
GetTickCount
GetStringTypeW
FindNextChangeNotification
GetCommandLineA
SetEnvironmentVariableA
LCMapStringA
RtlUnwind
GetCPInfo
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSection
CreateEventA
GetThreadSelectorEntry
GetEnvironmentStrings
TransmitCommChar
GetStringTypeA
GetTimeZoneInformation
HeapFree
TerminateProcess

advapi32

CryptSetHashParam
StartServiceA
RegSaveKeyA

gdi32

CloseMetaFile
CreateDIBPatternBrushPt
Pie
PlgBlt
GetTextFaceW
GetLogColorSpaceW
CreateICW
GetEnhMetaFilePaletteEntries
DeviceCapabilitiesExA
gdiPlaySpoolStream

user32

GetWindowTextA
CountClipboardFormats
CopyAcceleratorTableW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 306KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44db0744c4976a7be12609dc309ab78c

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

Sections

.text Size: 107KB - Virtual size: 106KB

.data Size: 306KB - Virtual size: 312KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 107KB - Virtual size: 106KB

.data
Size: 306KB - Virtual size: 312KB

.rsrc
Size: 9KB - Virtual size: 9KB