30504762dcbc2ba487e8d247ceb9e4df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30504762dcbc2ba487e8d247ceb9e4df_JaffaCakes118
Size

283KB
MD5

30504762dcbc2ba487e8d247ceb9e4df
SHA1

fc18e0b5b7169817c6d0a638659f4eba97a9bd66
SHA256

ca6089b78c39901d83910883def721d0a9408dde4f94610d4bbcf8f95b24d65d
SHA512

77881373d7ddd06b3657291f40088667721651993d8261c7756b084d633d750369854c06753c568c53244249d81089397555f4ec880b3787fb9fe0c09ca0dbac
SSDEEP

6144:gIjN8yhfnTMyTLpa1RSOB8dQqho/zNdlTjPVaXtBN2sC8G:fJ8IfnYx1RSOBSQqgzNdBNaXi8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30504762dcbc2ba487e8d247ceb9e4df_JaffaCakes118

Files

30504762dcbc2ba487e8d247ceb9e4df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2168e153335b216ee666c1f2446cc04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetVersionExA
LocalHandle
SetConsoleOutputCP
GetStringTypeA
EnterCriticalSection
HeapAlloc
LoadLibraryA
WideCharToMultiByte
SetLastError
GetVersionExW
GlobalDeleteAtom
DeleteCriticalSection
GetDateFormatA
VirtualFree
VirtualProtect
GetCommandLineW
GetTimeFormatA
GetTimeZoneInformation
CompareStringA
TlsSetValue
GetLastError
GetUserDefaultLCID
GetLocaleInfoA
GetThreadTimes
HeapSize
GetStartupInfoW
GetSystemInfo
GetProcAddress
FreeEnvironmentStringsA
GetStringTypeW
HeapFree
CreateSemaphoreW
GetFileType
SetConsoleCtrlHandler
InitializeCriticalSection
VirtualQuery
SetHandleCount
IsBadWritePtr
TlsFree
GetCurrentThread
IsValidCodePage
WriteFile
GetStdHandle
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
EnumSystemLocalesA
CompareStringW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LCMapStringW
GetModuleHandleA
GetOEMCP
IsValidLocale
LCMapStringA
GetCurrentThreadId
TlsGetValue
HeapCreate
GetEnvironmentStringsW
GetStartupInfoA
GetCurrentProcessId
GetModuleFileNameA
LeaveCriticalSection
GetEnvironmentStrings
GetShortPathNameA
GetTickCount
HeapDestroy
GetCPInfo
GetModuleFileNameW
UnhandledExceptionFilter
TlsAlloc
RtlUnwind
GetLocaleInfoW
GetSystemTimeAsFileTime
InterlockedExchange
MultiByteToWideChar
GetACP
FreeEnvironmentStringsW

user32

WINNLSEnableIME
CreateDialogIndirectParamW
DdeCreateStringHandleA
CharToOemA
PackDDElParam
DlgDirSelectExW
OpenWindowStationW
SetUserObjectInformationW
IsDialogMessage
ModifyMenuA
GetTopWindow
GetPriorityClipboardFormat
IsCharAlphaNumericA
GetMenuItemCount
DdeInitializeA
MenuItemFromPoint
CharLowerA
GetWindowModuleFileNameW
ToAscii

gdi32

GetCurrentObject
GetKerningPairsA
GetNearestColor
SetPaletteEntries
DeleteColorSpace
PtVisible
PlayEnhMetaFileRecord
ExtTextOutW
GetTextCharacterExtra
GetTextAlign
CreateEnhMetaFileW
GetMiterLimit
SetICMProfileA

shell32

SHGetPathFromIDListW
DuplicateIcon
SHFileOperation
SHGetMalloc
DoEnvironmentSubstA
SHEmptyRecycleBinW
ExtractAssociatedIconExW
RealShellExecuteExA
SHGetInstanceExplorer

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2168e153335b216ee666c1f2446cc04

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 139KB - Virtual size: 138KB

.data Size: 137KB - Virtual size: 137KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 139KB - Virtual size: 138KB

.data
Size: 137KB - Virtual size: 137KB

.rsrc
Size: 5KB - Virtual size: 5KB