27088372a49267f92c33bf75f33aa61d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

27088372a49267f92c33bf75f33aa61d_JaffaCakes118
Size

344KB
MD5

27088372a49267f92c33bf75f33aa61d
SHA1

303fdd98da22677b685c9671df4d68b6fb308842
SHA256

0bd7715c38042df3e9bd573422a4f0432f85bfd668608cfa3fa2f813a8371a2b
SHA512

6d5a4b2cd95ca42648aaf938d70a4fef9e5798f81b5aae47b902aec3faca2f56dae959d598f449e4aadff0b6840ea4e62d81c040788884debd2ce0229b77948d
SSDEEP

6144:7L0Xy9Dec+UWFw6mLRawc9z1aEvtph32F84QnEU0:Z9DH+UWy9Nkh0F84Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27088372a49267f92c33bf75f33aa61d_JaffaCakes118

Files

27088372a49267f92c33bf75f33aa61d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bd74e4f0de294edb128178ce3e3556e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
SearchPathW
GetTempPathW
FindResourceExA
GetBinaryTypeW
GetLargestConsoleWindowSize
IsProcessorFeaturePresent
GetEnvironmentVariableW
SetErrorMode
GetSystemTimeAdjustment
LocalAlloc
IsBadReadPtr
UnhandledExceptionFilter
GetProfileStringA
EnumResourceNamesW
GetWindowsDirectoryA
SetConsoleCursorPosition
FreeLibraryAndExitThread
GlobalFindAtomW
SetCurrentDirectoryA
GetModuleHandleA
EnumTimeFormatsW
SetEnvironmentVariableA
FlushFileBuffers
SetCommTimeouts
GlobalUnlock
GetTimeZoneInformation
GetAtomNameA
VirtualProtect
GetVersionExA
GetOverlappedResult
IsDBCSLeadByteEx
GlobalFree
LocalSize
GetFileType
FatalAppExitA
GetProfileIntA
GlobalAddAtomA
EnumCalendarInfoA
GetCommandLineW
SetThreadAffinityMask
GetDateFormatA
IsBadWritePtr
InitializeCriticalSection
GetUserDefaultLCID
MoveFileExA
GetTapeStatus
ReadConsoleInputW
SetEndOfFile
GlobalAddAtomW
CreateWaitableTimerA
EnumResourceNamesA
GetCommModemStatus
Beep
SwitchToFiber
SetConsoleTitleA
lstrcatW
_lopen
PeekConsoleInputW
GetPrivateProfileStringA
FindResourceExW
GetConsoleMode
MoveFileW
FreeLibrary
SetProcessWorkingSetSize
FindFirstFileExW
FlushConsoleInputBuffer
EnumCalendarInfoW
GetLongPathNameA
OutputDebugStringA
GetCommandLineA
UnmapViewOfFile
ExitProcess

user32

IsCharAlphaNumericW
SetMessageQueue
DrawIcon
LoadStringA
CopyImage
IsCharLowerW
BroadcastSystemMessageW
DrawStateW
GetKeyboardLayout
TranslateAcceleratorA
UnregisterDeviceNotification
SetActiveWindow
LoadCursorA
GetClassInfoExA
MonitorFromWindow
IsDlgButtonChecked
EndPaint
OemToCharBuffW
GetSysColorBrush
SetWindowsHookExW
CallWindowProcW

gdi32

GetDIBits
CloseMetaFile
PolyBezierTo
GetObjectType
GetSystemPaletteEntries
GetPixel
EnumFontsA
PolyDraw
SetBitmapBits

comdlg32

ChooseColorA
GetSaveFileNameA
PrintDlgA
PrintDlgW

advapi32

ReportEventW
LookupPrivilegeNameA
LockServiceDatabase
GetPrivateObjectSecurity
GetExplicitEntriesFromAclW
CryptDestroyHash
SetSecurityDescriptorGroup
GetSecurityInfo
GetSidLengthRequired
RegDeleteValueW
BuildSecurityDescriptorW
RegDeleteKeyW
CryptGenRandom
SetSecurityDescriptorDacl
SetTokenInformation
LogonUserW
RegSetKeySecurity
CryptReleaseContext
GetCurrentHwProfileW
RegCreateKeyExA
StartServiceCtrlDispatcherW
InitiateSystemShutdownW
AbortSystemShutdownA
GetServiceDisplayNameA
GetSecurityDescriptorControl
EnumServicesStatusW
GetAclInformation
CopySid
OpenThreadToken
LookupPrivilegeValueA

ole32

CoGetObject

oleaut32

VariantCopy
QueryPathOfRegTypeLi
SafeArrayGetElement
SysFreeString
LoadTypeLibEx

comctl32

PropertySheetA

shlwapi

StrRChrA
SHRegSetUSValueW
PathCommonPrefixW
StrFormatByteSize64A
PathGetArgsW
PathUnquoteSpacesA
ChrCmpIW
StrRetToBufW
SHSetValueA
StrCmpNW
PathIsSameRootW
SHSetValueW
PathFindFileNameA
PathRemoveBackslashA
PathFindExtensionA
SHRegQueryUSValueW
PathFindOnPathW
PathGetDriveNumberA
PathIsRelativeW

setupapi

SetupDiClassGuidsFromNameExA
SetupDiSetDeviceInstallParamsA
SetupGetLineTextW

Sections

uyqim
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

gwwsqm
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

euomueg
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ucqqys
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bd74e4f0de294edb128178ce3e3556e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

uyqim Size: 296KB - Virtual size: 293KB

gwwsqm Size: 8KB - Virtual size: 4KB

euomueg Size: 8KB - Virtual size: 4KB

ucqqys Size: 28KB - Virtual size: 24KB

uyqim
Size: 296KB - Virtual size: 293KB

gwwsqm
Size: 8KB - Virtual size: 4KB

euomueg
Size: 8KB - Virtual size: 4KB

ucqqys
Size: 28KB - Virtual size: 24KB