30148705b6cb2e45d171dec86c6c11ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30148705b6cb2e45d171dec86c6c11ce_JaffaCakes118
Size

46KB
MD5

30148705b6cb2e45d171dec86c6c11ce
SHA1

aea49f2890db1713ce468bbe78023756345cbd5c
SHA256

b3c0282cebdd3b78a818bada88a248409c3022a72c41922940dc2fb04943498e
SHA512

d4a928195cf89b8bcf72744d55403a20bf6c7865ab8ebd59d8f337b54707d5aceff4aaa5be79dd3e4dad65fa162e0c7955fdf838fd9215e06d3726755ee0270b
SSDEEP

768:HmseH8DE1Gck+LhqbmScbuJaH14zrkiFtsBivy8RTOVXLeaYkOLQVI7jSrez:X08DES+L0aScbYQ4zrkiLswvyO8xYkOX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30148705b6cb2e45d171dec86c6c11ce_JaffaCakes118

Files

30148705b6cb2e45d171dec86c6c11ce_JaffaCakes118
.exe windows:5 windows x86 arch:x86

478b83ac4ca0689e556d676d8da47396

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
CreateWindowExA
SendDlgItemMessageA
GetDlgItemTextA
ShowWindow

advapi32

RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA

kernel32

LoadLibraryA
OpenEventA
SetFileAttributesA
GetStdHandle
WriteFile
TlsGetValue
SetLastError
lstrcpyA
GetOEMCP
lstrlenA
SetThreadPriorityBoost
GlobalFree
ExitThread
TlsAlloc
GetCommandLineA
RtlUnwind
TerminateProcess
MapViewOfFile
LeaveCriticalSection
CreateEventA
EnterCriticalSection
FreeLibrary
CreateFileA
IsBadCodePtr
GlobalAlloc
DeleteCriticalSection
SetupComm
SetFilePointer
SetStdHandle
WideCharToMultiByte
LCMapStringW
Sleep
LCMapStringA
HeapAlloc
InterlockedDecrement
GetModuleFileNameA
GetACP
GetProcAddress
HeapDestroy
CloseHandle
ExitProcess
VirtualAlloc
SetHandleCount
UnmapViewOfFile
VirtualFree
HeapCreate
InterlockedIncrement
GetFileType
GetTickCount
IsBadWritePtr
IsBadReadPtr
GetCurrentProcess
GetStringTypeW
TlsSetValue
GetModuleHandleA
GetVersion
OpenFileMappingA
GetCPInfo
HeapReAlloc
GetStartupInfoA
FlushFileBuffers
CreateFileMappingA
CreateThread
GetCurrentProcessId
UnhandledExceptionFilter
PulseEvent
HeapFree
LoadLibraryExA
FlushFileBuffers
DeleteFileA
GetStringTypeA
InitializeCriticalSection
GetLastError
GetCurrentThreadId
MultiByteToWideChar
GetPrivateProfileSectionA
WriteProfileStringW
DeleteAtom
GetCurrentDirectoryA
FatalAppExitA
GetShortPathNameA
GetWindowsDirectoryW
GetFullPathNameA
MoveFileA
IsValidCodePage
GetVersion
SetVolumeMountPointW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 151KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

478b83ac4ca0689e556d676d8da47396

Headers

File Characteristics

Imports

user32

advapi32

kernel32

version

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 111KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 151KB - Virtual size: 271KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 111KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 151KB - Virtual size: 271KB