30e3066012b59ad55d0b27205580018f_JaffaCakes118 | Triage

Sharing

General

Target

30e3066012b59ad55d0b27205580018f_JaffaCakes118
Size

636KB
MD5

30e3066012b59ad55d0b27205580018f
SHA1

1fda207b3a2a19bf58ff34cc890d8f89e63b637e
SHA256

9bfa474f2c1241f28309d956caec2fa8d7236e25f9af6898808e0329f121f554
SHA512

b05379710c9e0fb86417d71b5a8e0d1fac98b3529028798107b3aa407b66010f03af26d198978eb2c64e1a2f2c6682097e961cc505276912dc58bb2f46c8e1bf
SSDEEP

12288:EcyvkqVSezqJD5rRQ0dYm3ugGyeAsaoe+oHURINAnAhxA1Jv3g8WY/xSV:Ec57ezyhRQ0dTKy+eLHURI+nAhFzY5S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30e3066012b59ad55d0b27205580018f_JaffaCakes118

Files

30e3066012b59ad55d0b27205580018f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e97f4dead2a114e5390f1fc73a249b9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetConsoleCP
HeapReAlloc
HeapCreate
GetTickCount
WaitForMultipleObjects
VirtualProtect
CompareFileTime
WaitForSingleObject
GetCommandLineA
InterlockedExchange
SetLastError
ResumeThread
GlobalSize
lstrlenA
GetConsoleDisplayMode
GetUserDefaultLangID
GetAtomNameA
LoadLibraryExA
GetVersion
GetModuleHandleA

user32

AnyPopup
GetTitleBarInfo
GetCursorPos
GetFocus
EndPaint
FrameRect
ShowWindow
DrawTextA
SetForegroundWindow
DragDetect
CreateIcon
BeginPaint
GetWindow
GetParent
GetDC
FillRect
wsprintfA
GetClassNameA
ReleaseDC

rastapi

DeviceConnect
PortClose
AddPorts
DeviceDone
DeviceListen

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ