30e183e35341b332e4f250b1c36e4af2_JaffaCakes118

General

Target

30e183e35341b332e4f250b1c36e4af2_JaffaCakes118
Size

178KB
MD5

30e183e35341b332e4f250b1c36e4af2
SHA1

39a67bf0a73bc4ad4e0581e5e3aed70e41094a32
SHA256

e87bcecc74da05ad8dd404acfc3f2aee8c075a9d8bf9c50b38b02383cba87b63
SHA512

c17c57bbc171b96feacea1ed4581527b4a77997ff0ed6f1549dc6dae7acb967ed222e4f82efec61d4380deea464bc75b335d5d438e54acbfd8b0630b7ca1f6e9
SSDEEP

3072:cDVmt/Hy/HZ0excRT9CMCMRqgYspAVxGgMJ4tHH0Z3D6IQkXK0NSv+U/eRUGdwRZ:cRmcJc59NCMYdswGX4p0Z3D6IBX9SpeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30e183e35341b332e4f250b1c36e4af2_JaffaCakes118

Files

30e183e35341b332e4f250b1c36e4af2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1667f82be2674ed6503bb2e26994cb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
EnterCriticalSection
FormatMessageA
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetFileType
GetLastError
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcAddress
GetStartupInfoA
GetStringTypeA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetVersion
GlobalHandle
IsBadWritePtr
IsValidLocale
LoadLibraryA
Module32First
MulDiv
OpenEventA
OutputDebugStringA
ReadProcessMemory
SetLastError
SetStdHandle
SetThreadPriority
SuspendThread
TerminateProcess
TlsAlloc
UnhandledExceptionFilter
WaitForSingleObject
WriteConsoleA
lstrcmpiA

advapi32

AdjustTokenPrivileges
EqualSid

Sections

.code
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1667f82be2674ed6503bb2e26994cb2

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.code Size: 143KB - Virtual size: 143KB

.data Size: - Virtual size: 3KB

.bss Size: - Virtual size: 97KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 6KB - Virtual size: 6KB

.rsrc Size: 25KB - Virtual size: 25KB

.code
Size: 143KB - Virtual size: 143KB

.data
Size: - Virtual size: 3KB

.bss
Size: - Virtual size: 97KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 25KB - Virtual size: 25KB