30cf23688718d058f20a7fef79202851_JaffaCakes118 | Triage

Sharing

General

Target

30cf23688718d058f20a7fef79202851_JaffaCakes118
Size

200KB
MD5

30cf23688718d058f20a7fef79202851
SHA1

70ff35ba8f297851a0016e72796e618a128fcbec
SHA256

f40ed797260aa147026d6af4c1ec0bd038fd0d70f91e4bc608b007415c8e9eb9
SHA512

afe1cc4adc27bb54e02d40aac1a6ecc34033359515d3a08530446adeb69c69342aa74dd01771f8d1faa3de16cf4dbce29594baed9bd5b34fb626fcac48140a5d
SSDEEP

3072:8Y1j7ijS0JWhx7iYlLeD+dHgO+G2N+TT1ogxgLfexPrsbathVFA74e+nJ:3jeobi/D+dA2vigxgDex3tV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30cf23688718d058f20a7fef79202851_JaffaCakes118

Files

30cf23688718d058f20a7fef79202851_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77f4422d2706aa1d8a215bcf7452d486

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA

kernel32

ExitProcess
GetCommandLineW
GetProcAddress
GetModuleHandleA
GetLastError
IsBadHugeReadPtr
VirtualAllocEx
GetCommandLineA
GetOEMCP
LoadLibraryA
ExitThread
lstrlenW
IsBadReadPtr

user32

RemoveMenu
ShowOwnedPopups
GetSystemMetrics
DrawIconEx
SetWindowLongA
CharUpperBuffA
CreateWindowExA
MapVirtualKeyA
ActivateKeyboardLayout
RegisterWindowMessageA
DispatchMessageW
DrawFrameControl
GetMenuState
GetWindowDC
GetMenuItemID
GetCursor
GetSysColorBrush
GetClassInfoA
RegisterClipboardFormatA
GetSubMenu
ScreenToClient
MessageBeep
UnhookWindowsHookEx
CharNextA
OffsetRect

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ