27aa08d113034eae5565fe2e8813a01e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27aa08d113034eae5565fe2e8813a01e_JaffaCakes118
Size

354KB
MD5

27aa08d113034eae5565fe2e8813a01e
SHA1

9cef109fb1a73439dddca04b756e60720828819a
SHA256

4b953e077b245de00a01173066334e65185f6bcbbfd162a3975abb46cf222449
SHA512

e46a43361c33bd9869fa31dd6d8c3dd19f184a8944c4596cb8e19491732ab78f019830569ab729d3e4dc6d35f4102f339564faa3da14f2f48eae6cfea79af9f3
SSDEEP

6144:TTUyAs15d/3BfydG/wyBMUyAg8jId0a3kPx/GA6UerC26ie+T5SvCtWR8:/53B6GnBMUQyaUZGAjLvC8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27aa08d113034eae5565fe2e8813a01e_JaffaCakes118

Files

27aa08d113034eae5565fe2e8813a01e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d1fec85a869845266c90f7f98a8e91f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
DisableThreadLibraryCalls
CreateEventW
CloseHandle
SetEvent
LocalFree
Sleep
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
GetModuleFileNameA
lstrlenA
GetTickCount
lstrcatA
GetModuleHandleW
LCMapStringW
SwitchToThread
lstrlenW
GetProcessHeap
GetVersionExW
UnhandledExceptionFilter
FindResourceExW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SearchPathW
InterlockedCompareExchange
InterlockedExchange
GetDateFormatW
GetTimeFormatW
LoadLibraryW
GlobalUnlock
GetSystemTimeAsFileTime
InterlockedDecrement
CompareStringW
GetModuleFileNameW
ResetEvent
LoadResource
FindResourceW
LoadLibraryExW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
CompareFileTime
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapSize
GetCPInfo
GetOEMCP
GetSystemInfo
GetACP
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
ExitProcess
VirtualQuery
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
WaitForSingleObject
CreateThread
LocalAlloc
WaitForMultipleObjects
SetUnhandledExceptionFilter
TerminateProcess
GetCommandLineA
HeapDestroy
VirtualProtect
GetVersionExA
GetStartupInfoA
RtlUnwind
HeapFree
HeapAlloc

user32

SendMessageW
LoadStringA
SendMessageA
FindWindowA
MessageBoxW
GetDlgItem
TranslateMessage
DispatchMessageW
LoadCursorW
SetCursor
PostMessageW
GetDesktopWindow
GetClientRect
GetWindowRect
MoveWindow
LoadStringW
CreateDialogParamW
EnableWindow
SetWindowTextW
GetFocus
DialogBoxParamW
SetFocus
ShowWindow
SetDlgItemTextW
EnumWindows
PeekMessageW
IsWindow
FindWindowExW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegisterServiceCtrlHandlerW
SetServiceStatus
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW

ole32

CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CoTaskMemFree

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 559KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d1fec85a869845266c90f7f98a8e91f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 280KB - Virtual size: 559KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 280KB - Virtual size: 559KB

.rsrc
Size: 5KB - Virtual size: 5KB