27af695d933f7a7747b2cf2ffb798c71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27af695d933f7a7747b2cf2ffb798c71_JaffaCakes118
Size

10KB
MD5

27af695d933f7a7747b2cf2ffb798c71
SHA1

ba3d1f97d7e675711aad348153ef519a6e98a97f
SHA256

e2f1eb756348ff3c0d86d85a6e156a08ee0ae3095502970bd58828ccb2309a91
SHA512

9bd8a2b7d0d7db4c53b063bf98f793b39178537d2621c78763b191cb9e2629d9843d313187f39cd985af3b7d9afad787c3c812b742c26bf37ca9a0834b5fab52
SSDEEP

192:aentaentbGDxz3X3H78haEPD43e7Y4eyuB+zWOzU0VrrG6vDMF0XoKYXN6:a4a4iDRHduzeKzWOY0ooDMSoKYXs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27af695d933f7a7747b2cf2ffb798c71_JaffaCakes118

Files

27af695d933f7a7747b2cf2ffb798c71_JaffaCakes118
.dll windows:4 windows x86 arch:x86

107e33bd406370e0c3efbdbdc9977f81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Beep
CreateFiber
DisableThreadLibraryCalls
EnumDateFormatsExW
EnumSystemCodePagesA
ExitProcess
FillConsoleOutputCharacterW
FindFirstChangeNotificationW
FlushViewOfFile
GetProfileStringW
GetSystemDefaultLangID
GetTimeZoneInformation
InterlockedDecrement
LocalShrink
OpenFileMappingA
OpenSemaphoreW
QueryDosDeviceW
SetThreadPriorityBoost
SizeofResource
TlsGetValue
TransactNamedPipe
TransmitCommChar
WriteProfileSectionA
lstrcpy
lstrcpynA
lstrlen

advapi32

CryptEnumProviderTypesA
CryptGetDefaultProviderA
CryptSetProvParam
CryptSetProviderA
CryptSetProviderExA
EnumDependentServicesA
EqualPrefixSid
GetAccessPermissionsForObjectW
GetAce
GetCurrentHwProfileA
GetMultipleTrusteeW
GetSecurityInfoExA
ObjectCloseAuditAlarmW
OpenEventLogA
PrivilegeCheck
QueryServiceConfigA
QueryServiceLockStatusA
RegCreateKeyA
RegEnumValueA
RegGetKeySecurity
SetEntriesInAclA
SetEntriesInAuditListW
SetKernelObjectSecurity
SetSecurityInfoExA
StartServiceCtrlDispatcherW

user32

CreateDialogIndirectParamA
CreateIconIndirect
CreateMDIWindowW
CreateWindowStationA
DialogBoxParamA
DrawMenuBar
DrawTextExW
EnumDisplayMonitors
GetCapture
GetClassNameW
GetDC
GetNextDlgTabItem
GetScrollInfo
GetWindowRgn
GetWindowTextW
IMPGetIMEW
ImpersonateDdeClientWindow
InternalGetWindowText
LoadStringA
MessageBeep
RegisterHotKey
ReuseDDElParam
SendInput
SetClipboardViewer
SetScrollInfo
SetUserObjectInformationA
SystemParametersInfoA
UnionRect

Exports

Exports

LogSend
LogTrim
Update

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

107e33bd406370e0c3efbdbdc9977f81

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 9KB - Virtual size: 16KB

.idata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 9KB - Virtual size: 16KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 4KB