30bbe7db9f366a4acd17a23d4a98d293_JaffaCakes118

General

Target

30bbe7db9f366a4acd17a23d4a98d293_JaffaCakes118
Size

204KB
MD5

30bbe7db9f366a4acd17a23d4a98d293
SHA1

ea67017e54d95bbf18a7d961fe973144e0078874
SHA256

9ed902e077351ebb4f9c9ec7611be26bf7127fc7c7505db47c5e60cb24101a0c
SHA512

de1445f4c3d70a4a2fa3490738643f8876889fed82f30680c738fd2f5b72883e8accea542110c42877b16d6d6569b8bc766c7947fccb4c373a3f80142681ee5c
SSDEEP

6144:nlnerjhIMooIUADbZhA/w4JJWU1kCBJ2:nty6pNDdhVyEu/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30bbe7db9f366a4acd17a23d4a98d293_JaffaCakes118

Files

30bbe7db9f366a4acd17a23d4a98d293_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a8b6e3e9871aff94d8a5e5f0e6bf6ca7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
HeapFree
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
RtlUnwind
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetModuleFileNameA
GetCPInfo
GetACP
HeapAlloc
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
InterlockedDecrement
InterlockedIncrement
SetFilePointer
FlushFileBuffers
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException
SetStdHandle
CloseHandle
GetLocaleInfoA
GetLocaleInfoW

Exports

Exports

XRXEnhanceDIB
XRXTranslateBitmap

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8b6e3e9871aff94d8a5e5f0e6bf6ca7

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 15KB - Virtual size: 32KB

.idata Size: 61KB - Virtual size: 61KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 15KB - Virtual size: 32KB

.idata
Size: 61KB - Virtual size: 61KB

.reloc
Size: 5KB - Virtual size: 4KB