27c099551bed3b14af264db69b0e8d03_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

27c099551bed3b14af264db69b0e8d03_JaffaCakes118
Size

122KB
MD5

27c099551bed3b14af264db69b0e8d03
SHA1

a763efb742d8c03cba16998611549b03d8eb20d3
SHA256

3697387db6947d0a2a2233cf6d4f00bc1f02507dc857dc86f6e6ca2caf5c918e
SHA512

ff3ef9f6b67bc5a03644119a1ff6b93dc4fb399f7e591089d7477d5943f85de778e7a2cc040820d01b3200d41eef9becaa1ee78563253e20e9abe84b80f67643
SSDEEP

3072:K5tw29nXRKtP0TwKt4vSeDjt4HTWxUNgRjQyEGL:Kh9hKuwKt0ntMW17E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27c099551bed3b14af264db69b0e8d03_JaffaCakes118

Files

27c099551bed3b14af264db69b0e8d03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c952052be0ce60277113f5855ad26fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleHandleA
CreateDirectoryA
SetFilePointer
GetSystemDirectoryA
HeapFree
FreeLibraryAndExitThread
CreateFileA
GetSystemInfo
OutputDebugStringA
GetCurrentThread
TerminateThread
GlobalReAlloc
CreateProcessA
GetFileType
WriteConsoleW
GlobalAlloc
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryA
CreateDirectoryW
LoadLibraryW
GetWindowsDirectoryW
GetTimeFormatW
GetCurrentThreadId
IsBadWritePtr
GetLastError
lstrcatA
ExitProcess
MapViewOfFile
GetProcAddress
QueryPerformanceCounter
FindNextFileW
CreateMutexW

tapi32

lineOpenW
lineSetupConference
lineDevSpecificFeature
lineAddToConference

msvcrt

memcpy
_acmdln
atoi
memset
strcpy
isupper
wcsncmp
_wcsnicmp
wcsncpy
__wgetmainargs
atoi
__p__commode
towupper
_wtoi
strncpy
_vsnprintf
_iob

user32

DeleteMenu
GetMenuItemCount
ReleaseDC
OpenClipboard
GetKeyState
MsgWaitForMultipleObjects
LoadCursorW
GetDlgItem
SystemParametersInfoW
ShowWindow
LoadAcceleratorsW
SetScrollPos
DispatchMessageA
RemoveMenu
GetWindowPlacement
PostQuitMessage
DialogBoxParamW
LoadStringW
LoadMenuA
GetAsyncKeyState
RegisterMessagePumpHook
SetCapture
InvalidateRect

gdi32

CreateFontIndirectA
SelectObject
SetMapMode
SetPixel
SetTextColor
PatBlt
CreateSolidBrush
CreateCompatibleDC
DeleteDC
BitBlt
SelectPalette
SaveDC
SetBkColor
CreatePen
GetDeviceCaps

Exports

Exports

SfFmafXcszorUxsmnwZwg
XugShiwsiTqreOqm
IifsPpecjgEa
TwXghhTcuaa

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ttvv
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c952052be0ce60277113f5855ad26fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 30KB - Virtual size: 29KB

ttvv Size: 512B - Virtual size: 277B

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 50B

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 30KB - Virtual size: 29KB

ttvv
Size: 512B - Virtual size: 277B

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 50B