Static task
static1
Behavioral task
behavioral1
Sample
30778c27eecd926c4b8a8296dae9b7f7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
30778c27eecd926c4b8a8296dae9b7f7_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
30778c27eecd926c4b8a8296dae9b7f7_JaffaCakes118
-
Size
82KB
-
MD5
30778c27eecd926c4b8a8296dae9b7f7
-
SHA1
34e97a966240d800125dbdf2cd0442bc0ab59096
-
SHA256
d2d288659bb48f6ab1f62419524fc80f1903e663b7f9cdbea85aae4961dc9efa
-
SHA512
840f5054a46515ee7a9e0c982d96784273b894a3b72f0d9abfb90c6179a4aa8f1e5215cd8b1f68f6764b623161c32dbe11de86524c2375d2457b87243d162b8f
-
SSDEEP
1536:mUU9Vb1N+wbffcGT7M7w4C/hJ3FBUS0gwodKR8rfwUP0T1:m39p1c32A7wp3F7wgKWfwUMZ
Malware Config
Signatures
-
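Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the check matched this sample, so the file is unsigned. On its own this is a weak indicator, because many legitimate executables are also unsigned.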
resource 30778c27eecd926c4b8a8296dae9b7f7_JaffaCakes118
Files
-
30778c27eecd926c4b8a8296dae9b7f7_JaffaCakes118.exe windows:4 windows x86 arch:x86
033bde1d7a5ff255c2eb55b5e601cca3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
free
exit
abort
_snprintf
strlen
_initterm
_exit
__p__commode
__set_app_type
__getmainargs
sqrt
__p__fmode
calloc
_adjust_fdiv
__setusermatherr
fprintf
_except_handler3
realloc
strcpy
_acmdln
_stricmp
getenv
kernel32
GetStartupInfoA
GetConsoleOutputCP
GetLocaleInfoW
GlobalFree
GlobalAlloc
OpenProcess
GetTempFileNameA
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
DuplicateHandle
GetThreadLocale
LocalFree
GetFileAttributesA
FileTimeToDosDateTime
ReadFile
GetShortPathNameA
GetSystemDefaultLCID
InterlockedIncrement
lstrcpynA
WriteFile
comctl32
ImageList_GetIconSize
InitializeFlatSB
ImageList_DragEnter
ImageList_AddMasked
ImageList_Draw
ImageList_Create
ImageList_Remove
ImageList_DragShowNolock
ImageList_Destroy
PropertySheetA
ImageList_GetImageInfo
ImageList_Replace
oleaut32
CreateErrorInfo
SysAllocStringByteLen
VariantCopy
VariantCopyInd
SafeArrayPtrOfIndex
SetErrorInfo
SafeArrayPutElement
SafeArrayRedim
SysStringByteLen
user32
InsertMenuItemA
EnableWindow
ScrollWindow
GetSubMenu
MessageBoxA
GetMenuItemCount
KillTimer
GetWindowThreadProcessId
DialogBoxParamA
DispatchMessageA
OffsetRect
advapi32
RegEnumKeyA
CopySid
GetTokenInformation
RegCreateKeyExA
OpenProcessToken
IsValidSid
AddAccessAllowedAce
CheckTokenMembership
CryptGenRandom
CryptHashData
RegCreateKeyA
SetSecurityDescriptorDacl
GetUserNameA
ole32
DoDragDrop
CoInitializeEx
PropVariantClear
OleSetMenuDescriptor
CoLoadLibrary
OleRun
CoUninitialize
StringFromGUID2
GetRunningObjectTable
CreateILockBytesOnHGlobal
gdi32
TextOutW
EnumFontFamiliesW
GetCurrentPositionEx
SetTextAlign
SetBkColor
SetWindowExtEx
GetCharWidthA
CreateDCW
PtVisible
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ