30a05e35f0c6dfe14a405d6e5782d154_JaffaCakes118 | Triage

Sharing

General

Target

30a05e35f0c6dfe14a405d6e5782d154_JaffaCakes118
Size

716KB
MD5

30a05e35f0c6dfe14a405d6e5782d154
SHA1

7cbd5fd061865abfa0e574035e53bb21582c1eb4
SHA256

b69b01dc28a9a5cf721c243579baf39ba301e7c02e3d41d5b1cf31b119178841
SHA512

e55af5fd5db3fc7eb8ffff712e2348e9179daa0af41f7aae46d852fed04382b7646bd5ef2d34ffd8ee1d9a6a8df7b9cb6ed4ed13f96725c91b79ac9964c9f4ed
SSDEEP

12288:4Oa1Z+qy4PhuBWAm1KL1aFZZWBnmdEEG2dh8qSNxkqJQFbxI+C5z1/ScJL:4OMciPwMBFZwn9Efh8BLkkQFK+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30a05e35f0c6dfe14a405d6e5782d154_JaffaCakes118

Files

30a05e35f0c6dfe14a405d6e5782d154_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e55abf0fbedb31b10169960483656d3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetSystemTime
LoadLibraryW
GetACP
HeapReAlloc
GetTickCount
CloseHandle
AddAtomA
PulseEvent
FreeConsole
ExitProcess
SetEvent
GetVersion
GetModuleHandleA
InterlockedExchange
GlobalFlags
FindResourceExA
VirtualProtect
GetBinaryTypeA
TlsFree
lstrlenA

user32

PostMessageA
LoadIconA
TranslateMessage
GetDlgItem
CopyRect
GetScrollRange
SetWindowPos
DialogBoxParamA
DispatchMessageA
MessageBoxA
GetParent
GetMenu
GetSubMenu
ModifyMenuA
ScrollDC
PostQuitMessage
GetKeyboardLayout
EqualRect
EnableScrollBar
GetWindowTextA
GetWindowLongA
SetSysColors
UpdateWindow
InflateRect
DestroyMenu
ShowWindow
SetPropA
InsertMenuA
GetMenuStringA

shlwapi

UrlHashA
StrToIntExA
UrlCombineA
StrToIntA
StrTrimA

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ