27af747ab7794492117725b129a7ac33_JaffaCakes118

General

Target

27af747ab7794492117725b129a7ac33_JaffaCakes118
Size

740KB
MD5

27af747ab7794492117725b129a7ac33
SHA1

5aca578930181291f9446221552974890534f3e2
SHA256

600c878acf78048e758849cb0fd5d4e8108c48e9e797da6f06b9ffaa4485a43c
SHA512

e67d4d3d08b859cb52df2381f45797da0f6a21047709576dab4dbd57086a54927d73f4a8c34f182f4d31a7ec08f98b0b343307bad88080eab232e661765e9863
SSDEEP

12288:M6p6p6p6lPWM//m2lB0hP59PSkpURY1mnmu5XL0l1B6AHkPhP6p6p6p6p66mrFmR:LssslPW4DiB9PSUUR5nmAXM6A2yssssL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27af747ab7794492117725b129a7ac33_JaffaCakes118

Files

27af747ab7794492117725b129a7ac33_JaffaCakes118
.exe windows:5 windows x86 arch:x86

df826607088293359d1f2982645462de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
BeginPaint
GetWindow
ReleaseDC
IsWindowVisible
SetForegroundWindow
GetClientRect
GetDesktopWindow
SetCursor

kernel32

GetModuleHandleA
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetLastError
LeaveCriticalSection
VirtualAlloc
CreateFileA
FormatMessageA
Sleep
FindClose
CreateEventA
FreeLibrary
GetProcAddress
GetACP
GetCommandLineA
GetSystemTimeAsFileTime
FindNextFileW
InterlockedExchange
FindFirstFileA
FreeEnvironmentStringsW
GetStringTypeA
GetCPInfo
CreateMutexA
CloseHandle
UnhandledExceptionFilter
DeleteFileA
CreateDirectoryA
SizeofResource
GetCurrentProcess
DeleteCriticalSection
LoadLibraryA
GetStdHandle
ExitProcess
LCMapStringA
SetEvent
GetConsoleCP
GlobalFree
SetHandleCount
ReleaseMutex
EnterCriticalSection
GetThreadLocale

gdi32

DeleteObject
SelectObject
BitBlt

msvcrt

__p__fmode
__set_app_type
_except_handler3
_controlfp
_strcmpi
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 652KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df826607088293359d1f2982645462de

Headers

File Characteristics

Imports

user32

kernel32

gdi32

msvcrt

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 652KB - Virtual size: 648KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 652KB - Virtual size: 648KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 4KB - Virtual size: 3KB