30f2b0940ce2aa0e55950cea64c70800_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30f2b0940ce2aa0e55950cea64c70800_JaffaCakes118
Size

4.3MB
MD5

30f2b0940ce2aa0e55950cea64c70800
SHA1

df83fa29b3036f55dfad5ad18916effc5e3d9e72
SHA256

ac0a7ca49c0e8eac37b956abe9a71f1fd76be08a72c2ff6d93db44a3d97c68f0
SHA512

bf61fd94e203b8172519eb060ec67e4ba1de14a9eb7d84bd2e1962a0fa40cf6b12027e518cf738e608ee22228f36900d56f86e06aa0a72f1b361a50ec0336fe2
SSDEEP

98304:4Qg+Bll35f8SblmXAI7mGaeXpiz8NfIDBzxXXHlQ0HGF:nx/cShmX9XpZiR6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f2b0940ce2aa0e55950cea64c70800_JaffaCakes118

Files

30f2b0940ce2aa0e55950cea64c70800_JaffaCakes118
.exe windows:4 windows x86 arch:x86

502875ffa34538f20aace273e08cd79d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\trees\cod3\cod3\pc\iw3sp.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
ExitProcess

advapi32

RegCreateKeyA

gdi32

CreateCompatibleDC

user32

MessageBoxA

version

GetFileVersionInfoA

winmm

timeEndPeriod

mss32

_AIL_set_sample_3D_position@16

binkw32

_BinkSetMemory@8

d3d9

Direct3DCreate9

d3dx9_34

D3DXGetShaderConstantTable

shell32

ShellExecuteA

ddraw

DirectDrawCreateEx

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 488KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 26.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

stxt774
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

stxt371
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

502875ffa34538f20aace273e08cd79d

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

gdi32

user32

version

winmm

mss32

binkw32

d3d9

d3dx9_34

shell32

ddraw

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 488KB - Virtual size: 485KB

.data Size: 40KB - Virtual size: 26.2MB

.tls Size: 4KB - Virtual size: 33B

.rsrc Size: 4KB - Virtual size: 3KB

stxt774 Size: 12KB - Virtual size: 8KB

stxt371 Size: 16KB - Virtual size: 13KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 488KB - Virtual size: 485KB

.data
Size: 40KB - Virtual size: 26.2MB

.tls
Size: 4KB - Virtual size: 33B

.rsrc
Size: 4KB - Virtual size: 3KB

stxt774
Size: 12KB - Virtual size: 8KB

stxt371
Size: 16KB - Virtual size: 13KB