27df4be496142af6eb97474e53ab1185_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27df4be496142af6eb97474e53ab1185_JaffaCakes118
Size

172KB
MD5

27df4be496142af6eb97474e53ab1185
SHA1

bb780f14c3cf1cf5018407441106b421dabc9c3d
SHA256

d45a163e131b4e020708e432827cc2ee6b58c44f63415a81b57dc11aa81d66a8
SHA512

c58401dc5295d6ce79d01d58d24f5aa1f3ac5e1b3fe291197120885585289b11583b6af3b05f3c4627ce63b62f786802309a7dcc4bfc1dba277afda197158852
SSDEEP

3072:NLNUT9uXwhfkMmHYQO8OnNT7EPPKSq327X4jfqCgBLktiETP/p3FYGPw/0Cv8:jUcXIf91QmuCSl7SS1L5sp3FjPQBv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27df4be496142af6eb97474e53ab1185_JaffaCakes118

Files

27df4be496142af6eb97474e53ab1185_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4b72b66e4ff28b4bfdbc1a5019db419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
GetCompressedFileSizeW
InterlockedExchangeAdd
HeapWalk
SetCurrentDirectoryA
GetEnvironmentStringsW
OpenFile
FatalAppExitA

user32

GetProcessWindowStation
GetSystemMetrics
CopyImage
IsDialogMessageW
GetDlgItem
AppendMenuW
LoadBitmapW
DdeUnaccessData
SetUserObjectSecurity
DdeFreeStringHandle
GetClassNameW
InternalGetWindowText
CopyAcceleratorTableW

gdi32

CloseFigure
TextOutW
GetTextCharset
StartDocW
SetBkMode
SelectPalette
InvertRgn
CreateDCW
GetBitmapDimensionEx

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE