30a450c02a5b0ed740eaa9a860ed708d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

30a450c02a5b0ed740eaa9a860ed708d_JaffaCakes118
Size

475KB
MD5

30a450c02a5b0ed740eaa9a860ed708d
SHA1

e6e696d7eadd5064d2c3818396cdaa274df5d9af
SHA256

021f7e7b159fda2e62d1317ee3e5391a9125fe7cfbcd98f940cc0d5129f64513
SHA512

b9755ef509f0c39428c4ca3e805469075f99a5476d88cb6532423494542afe242e3afdcfac1a843531f1d93396147c82b7a14749f068f06e2997cbc365e4ce9d
SSDEEP

6144:YtDTBOz3ZJO9LhC8d9yVFE17j1348NMbgSNBAImBNpPbSFLmUyxAFukyRTLy7gxZ:YEe9C8d9UFE33LMb97dmB8iAsxRT27g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30a450c02a5b0ed740eaa9a860ed708d_JaffaCakes118

Files

30a450c02a5b0ed740eaa9a860ed708d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f467a6b397afe0cc2ffe17b2a24ebbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
GetSaveFileNameW
PageSetupDlgA
GetFileTitleW
ReplaceTextW
PrintDlgA
LoadAlterBitmap
GetSaveFileNameA
ChooseColorW
GetOpenFileNameW
ReplaceTextA
ChooseColorA
GetFileTitleA
GetOpenFileNameA
ChooseFontA
FindTextW
PageSetupDlgW
PrintDlgW

shell32

SHInvokePrinterCommandA
ExtractIconW
DuplicateIcon
SHEmptyRecycleBinW
DoEnvironmentSubstA
SHLoadInProc
SHFileOperation
DragQueryFile
ExtractAssociatedIconExA
ShellExecuteA
CommandLineToArgvW
SHGetSpecialFolderLocation
SHQueryRecycleBinW
SHChangeNotify
SHBrowseForFolderA
RealShellExecuteW
ShellAboutW
FreeIconList
ExtractIconA
SHGetNewLinkInfo
RealShellExecuteExW
RealShellExecuteExA
SHUpdateRecycleBinIcon
ShellExecuteW

gdi32

GetDeviceCaps
FlattenPath
PolylineTo
EnumFontsA
CreatePolyPolygonRgn
AngleArc
GetTextExtentPoint32W
GetColorAdjustment
Pie
GetTextCharacterExtra
MaskBlt
Escape
ResetDCW
GetICMProfileW
PathToRegion
CreateEllipticRgn
DeleteEnhMetaFile
CreateScalableFontResourceA
GetFontData
TextOutW
TranslateCharsetInfo

wininet

RunOnceUrlCache
InternetOpenUrlA
FindNextUrlCacheGroup
InternetGetCertByURL
FtpRenameFileA
InternetCloseHandle
RegisterUrlCacheNotification
InternetCheckConnectionA
InternetShowSecurityInfoByURLW
GopherOpenFileW
InternetGoOnlineW
FtpCreateDirectoryA
InternetAutodial
FindFirstUrlCacheGroup
RetrieveUrlCacheEntryFileW
UnlockUrlCacheEntryStream
ShowX509EncodedCertificate
InternetShowSecurityInfoByURLA
InternetTimeToSystemTimeA
InternetCreateUrlA
SetUrlCacheEntryGroupA
InternetFindNextFileW
GopherGetAttributeA
ShowClientAuthCerts

kernel32

TlsSetValue
WriteFile
GetMailslotInfo
GetCurrentThreadId
GetTickCount
UnhandledExceptionFilter
RtlUnwind
VirtualAlloc
QueryPerformanceCounter
GetStartupInfoW
EnumDateFormatsW
SetThreadAffinityMask
EnumSystemLocalesA
GetSystemTimeAsFileTime
TlsAlloc
GetCommandLineW
Sleep
GetDiskFreeSpaceExA
CreateProcessW
GetCurrentThread
InterlockedDecrement
InterlockedExchange
RtlFillMemory
GetOEMCP
TerminateProcess
GetDriveTypeA
ExitProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsValidLocale
SetEnvironmentVariableA
GetLocaleInfoW
GetStdHandle
GetACP
GetCurrentProcess
FreeLibrary
HeapReAlloc
GetModuleFileNameA
GetLastError
HeapAlloc
FreeEnvironmentStringsW
GetModuleHandleW
HeapFree
SetConsoleCtrlHandler
OpenEventW
GetProcAddress
IsDebuggerPresent
SetWaitableTimer
GetThreadPriority
FileTimeToSystemTime
HeapDestroy
InterlockedIncrement
GetStringTypeA
GetModuleFileNameW
GetLogicalDriveStringsW
GetEnvironmentStringsW
TlsFree
FoldStringW
LoadLibraryA
GetStringTypeW
GetCurrentProcessId
GetModuleHandleA
EnterCriticalSection
GetTimeZoneInformation
CompareStringW
GetStartupInfoA
SetFileTime
SetUnhandledExceptionFilter
MultiByteToWideChar
GetTimeFormatA
CompareStringA
HeapCreate
LCMapStringW
WideCharToMultiByte
ReadConsoleOutputCharacterW
DeleteAtom
GetDateFormatA
GetFileType
SetLastError
LeaveCriticalSection
GetCPInfo
VirtualFree
GetUserDefaultLCID
SetFileAttributesA
ReadFile
LCMapStringA
TlsGetValue
VirtualQuery
IsValidCodePage
GetLocaleInfoA
HeapSize
SetHandleCount

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f467a6b397afe0cc2ffe17b2a24ebbe

Headers

File Characteristics

Imports

comdlg32

shell32

gdi32

wininet

kernel32

Sections

.text Size: 153KB - Virtual size: 152KB

.data Size: 311KB - Virtual size: 311KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 153KB - Virtual size: 152KB

.data
Size: 311KB - Virtual size: 311KB

.rsrc
Size: 10KB - Virtual size: 9KB