27508eeb8fddd043bc6526ffd11a2b65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27508eeb8fddd043bc6526ffd11a2b65_JaffaCakes118
Size

356KB
MD5

27508eeb8fddd043bc6526ffd11a2b65
SHA1

2d983a05edad1386eddde4589edaab89651447f6
SHA256

77182e3c1790829a797938b48dc07124335bcabf243cd4efb4f48cf21549b69b
SHA512

0d7b0b44347996bfb7dc96d3700b261d2148e5dd8933f4aa56fe705e26dcb77d18207a9adbba817e52160bf375f777ffc2668eb5205b8be18fa9fdc4a6a1e400
SSDEEP

6144:zxW9UDhgL8tkeMUSz37F/UyeqJ+RbJE7CMixDhCreOpm6xwmws9vsa988NbDG:zxW9UDttkbzL5Ue4m7CzxDItwbmmCbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27508eeb8fddd043bc6526ffd11a2b65_JaffaCakes118

Files

27508eeb8fddd043bc6526ffd11a2b65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a6e078bfe09b8fd3773d6000b3dc86f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
SwitchToFiber
FreeEnvironmentStringsA
lstrcmpA
CreateDirectoryW
GetVolumeInformationW
SetErrorMode
FlushConsoleInputBuffer
VirtualQuery
CreateDirectoryA
GetCurrentProcessId
SetVolumeLabelA
IsBadReadPtr
VirtualFree
SetConsoleMode
GetFullPathNameA
FillConsoleOutputCharacterA
ConnectNamedPipe
WritePrivateProfileSectionW
GetShortPathNameW
FindFirstFileA
SetProcessWorkingSetSize
SetStdHandle
CreateDirectoryExA
LoadLibraryExA
GetSystemInfo
ReadFile
VirtualUnlock
SetProcessAffinityMask
FindResourceExW
RemoveDirectoryA
OpenMutexA
GetFileType
SetCommMask
SetEndOfFile
GetAtomNameA
CreateIoCompletionPort
OpenSemaphoreW
WritePrivateProfileStringA
CompareStringW
SetProcessShutdownParameters
SystemTimeToFileTime
GlobalFree
EnumCalendarInfoA
LeaveCriticalSection
GetDateFormatA
DeleteCriticalSection
LCMapStringA
GetTempPathW
lstrcpyA
lstrcatW
LocalSize
PeekConsoleInputW
ExitThread
SetConsoleWindowInfo
CopyFileExW
SetEvent
ReleaseSemaphore
CreateNamedPipeW
GetTimeZoneInformation
WriteConsoleOutputCharacterA
SetThreadPriorityBoost
UnmapViewOfFile
DeleteFiber
IsValidLocale
SetFileTime
IsBadStringPtrA
CreateMutexW
GlobalAddAtomW
GetProfileStringA
GetSystemDefaultLangID
GetLocaleInfoW
GetCommandLineW
EraseTape
GetFileAttributesA
SetEnvironmentVariableA
QueryDosDeviceA
lstrcmpiA
GetModuleFileNameW
GetNumberFormatW
InitializeCriticalSection
GetPrivateProfileStringA
LoadResource
VirtualLock
GetCommandLineA
GetVersionExA
VirtualProtect
SetEnvironmentVariableW
ExitProcess

user32

SetRectEmpty
SetWindowsHookExA
GetInputState
ScrollDC
EnumDisplayDevicesW
CreateWindowExW
LoadKeyboardLayoutW
GetMenu
EnumDesktopsA
GetUpdateRect
IsCharLowerA
GetMenuItemRect
wsprintfA
RemoveMenu
CharLowerW
BeginDeferWindowPos
CloseDesktop
DrawStateA
EnumDisplaySettingsExW
IsDialogMessageA
OpenWindowStationA
GetClipboardViewer
OpenInputDesktop
MonitorFromRect
ModifyMenuA
OemToCharBuffA
EnumWindows
GetScrollBarInfo
CreateWindowStationW
ToAscii
CharUpperBuffW
OemToCharA

gdi32

RectInRegion
GetDCOrgEx
SetSystemPaletteUse
GetBkMode
DPtoLP

comdlg32

GetOpenFileNameA
PageSetupDlgA
ReplaceTextW

advapi32

RegSetValueW
SetEntriesInAclW
CryptGetUserKey
GetSecurityDescriptorSacl
RegUnLoadKeyA
BuildTrusteeWithNameW
OpenServiceA
ObjectCloseAuditAlarmW
InitializeSecurityDescriptor
InitiateSystemShutdownW
GetUserNameW

ole32

RevokeDragDrop
OleCreateLink
CoUninitialize
MkParseDisplayName

oleaut32

SafeArrayPutElement
SafeArrayGetElement

comctl32

ImageList_DragEnter
ImageList_Add

shlwapi

StrCatBuffW
StrFormatKBSizeW
StrCmpNA
UrlApplySchemeW
StrRetToBufW
StrStrIW
PathRelativePathToW
StrTrimA
PathRemoveBackslashA

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiClassGuidsFromNameExA
SetupDiSetSelectedDevice
SetupDiGetDeviceInstanceIdW
SetupInstallServicesFromInfSectionA
SetupGetLineTextW
SetupFindFirstLineA
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceInfoListDetailA

Sections

KExyQgO
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

gJeuJZ
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

dyTJR
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PYHRaLZ
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a6e078bfe09b8fd3773d6000b3dc86f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

KExyQgO Size: 308KB - Virtual size: 307KB

gJeuJZ Size: 8KB - Virtual size: 4KB

dyTJR Size: 12KB - Virtual size: 10KB

PYHRaLZ Size: 24KB - Virtual size: 23KB

KExyQgO
Size: 308KB - Virtual size: 307KB

gJeuJZ
Size: 8KB - Virtual size: 4KB

dyTJR
Size: 12KB - Virtual size: 10KB

PYHRaLZ
Size: 24KB - Virtual size: 23KB