30008cd34303f1582f149a134bf94d58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30008cd34303f1582f149a134bf94d58_JaffaCakes118
Size

276KB
MD5

30008cd34303f1582f149a134bf94d58
SHA1

f6dee5ea529d9138cafcaf47f92c51bf88534a7c
SHA256

467160015a9677605e728cfc0026b07e127d431d3dd2f15a6b7f7a04bd7eb147
SHA512

ed58053229cb5bbf00ba9b2b24b563b18f5d60c3c4912be4ece52acae2c6062b15bc0976237ee93b020e8a2486b2fb88e8fd818875536fe7b2aea666e8cdd763
SSDEEP

6144:Ens6a69KfAiPzWhKV7lJjILK2fj22PKTTKUv4H:zYXQR2n72CKJ4H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30008cd34303f1582f149a134bf94d58_JaffaCakes118

Files

30008cd34303f1582f149a134bf94d58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc27b174073b1abae05a386bf97bb219

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentProcess
LocalAlloc
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentThreadId
GetLastError
GetCurrentProcessId
LocalReAlloc
SetUnhandledExceptionFilter
GetTickCount
VirtualAlloc
LocalFree
QueryPerformanceCounter
MulDiv
TerminateProcess

ws2_32

WSASocketA

crypt32

CertCloseStore

gdi32

SetTextAlign
TranslateCharsetInfo
SetROP2
GetDeviceCaps
GetTextMetricsW
ExtTextOutW
SetTextColor
DeleteObject
CreatePen
SetBkColor
SelectObject
GetStockObject
Polyline
CreateFontIndirectW

user32

GetSysColor
SetWindowLongW
SendMessageW
EndDialog
IsDlgButtonChecked
GetDlgItem
BeginPaint
DrawFocusRect
CreateWindowExW
SetFocus
LoadCursorW
GetWindowLongW
CheckDlgButton
SetRect
GetSystemMetrics
RedrawWindow
GetParent
ReleaseDC
EndPaint
UnregisterClassW
GetDC
SetWindowPos
DialogBoxParamW
DeferWindowPos
DefWindowProcW
EndDeferWindowPos
RegisterClassW
GetClientRect
BeginDeferWindowPos
GetDlgCtrlID

msvcrt

wcstok
_wcsdup
free

Sections

.textbss
Size: - Virtual size: 14.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc27b174073b1abae05a386bf97bb219

Headers

File Characteristics

Imports

kernel32

ws2_32

crypt32

gdi32

user32

msvcrt

Sections

.textbss Size: - Virtual size: 14.0MB

.idata Size: 8KB - Virtual size: 8KB

.text Size: 512B - Virtual size: 424B

.rdata Size: 654KB - Virtual size: 653KB

.rsrc Size: 11KB - Virtual size: 11KB

.tls Size: 512B - Virtual size: 4KB

.textbss
Size: - Virtual size: 14.0MB

.idata
Size: 8KB - Virtual size: 8KB

.text
Size: 512B - Virtual size: 424B

.rdata
Size: 654KB - Virtual size: 653KB

.rsrc
Size: 11KB - Virtual size: 11KB

.tls
Size: 512B - Virtual size: 4KB