27b3c60d3710f81ea893c18d24a8e4fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27b3c60d3710f81ea893c18d24a8e4fd_JaffaCakes118
Size

189KB
MD5

27b3c60d3710f81ea893c18d24a8e4fd
SHA1

a7d0ee2eb8db55141d0418d54bf73f14a17a093a
SHA256

987c1137c9b6b55c2adb803477ab2b1ab762691a1f0e5f2f18c374ce3af3c5af
SHA512

a91a64be77ca505722b9dec64a03b59bfa5024aa6c0a85c9f05fd0ed36f7de2ba31de5d175d23c0136b69964956dfc3da8cefa546e8dc089982b63a7d219890e
SSDEEP

3072:XP3lhB0S6Dgk1jfYjDJAPaWQuyfMBH24PxZxPGT6HblSX4Er:/3bC5kSSwyYHDPTxbbYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27b3c60d3710f81ea893c18d24a8e4fd_JaffaCakes118

Files

27b3c60d3710f81ea893c18d24a8e4fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3ac71752a76be87fa67da17339d481d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateWaitableTimerA
GlobalFindAtomA
SetThreadExecutionState
SizeofResource
GetFileAttributesA
SetFilePointer
WriteProfileSectionA
GetCommMask
SetFileApisToOEM
GetCurrentThreadId
UnregisterWaitEx
CloseHandle
GetCurrentDirectoryA
CreateSemaphoreA
GetDevicePowerState
SetFilePointerEx
GetLogicalDriveStringsA
VirtualAllocEx
ReleaseSemaphore

user32

DrawCaptionTempA
GetDlgItemInt
BroadcastSystemMessageExA
GetKeyboardLayoutNameA
GetMessageTime
RegisterWindowMessageA
ReplyMessage
EnumPropsExA
MessageBoxTimeoutW
SendNotifyMessageA
UnpackDDElParam
RegisterClassExA
DlgDirSelectExA
PostMessageA
RegisterClassA
RealChildWindowFromPoint

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ