27cdb746bce20bd901017239843c48f6_JaffaCakes118

General

Target

27cdb746bce20bd901017239843c48f6_JaffaCakes118
Size

96KB
MD5

27cdb746bce20bd901017239843c48f6
SHA1

49b7ebd6185b2031a480e1f7ef3d60c14a353b49
SHA256

dae837b67059d641ac957706ec39b0653e980fabaff9f3318655dee6271ddd61
SHA512

43e5b5e4727b12c0aed335a0fac6ade2b066099beb1e7bf6af73f63b4034f55acc00d0e28a9769806f0b457b2b5f35e59cb8bebca923626bd2f08ccc92c6b34a
SSDEEP

1536:kMU7GeDD1GEs/oMl4NAgT+wdvK0TwjGyy7ENnXByw6xjE+WLJbIC8m6z0/LX5o:kMgGe9Ksawd7TwjGu5XByOdbINmV/L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27cdb746bce20bd901017239843c48f6_JaffaCakes118

Files

27cdb746bce20bd901017239843c48f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ddb8101b41cde099a4ec1a80ae14fd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
VirtualFree
GetFileAttributesExA
GetShortPathNameW
OpenMutexA
VirtualProtect
GetStringTypeA
RemoveDirectoryA
VirtualAlloc
GetCurrencyFormatA
GetBinaryTypeW
RemoveDirectoryW

msvcrt

??1bad_cast@@UAE@XZ
_fsopen
_mbsncmp
_findfirst
_mbsnextc
ispunct
_spawnve
_ismbbalnum
_nextafter
_fileno
abs
_ltow
_CIacos
_wunlink
_swab
??_E__non_rtti_object@@UAEPAXI@Z
??1__non_rtti_object@@UAE@XZ
_rmdir
??2@YAPAXI@Z
_wpgmptr
ldiv
memcpy

comdlg32

LoadAlterBitmap
CommDlgExtendedError
PrintDlgExA
PrintDlgExW
ChooseColorA
GetFileTitleW
ReplaceTextW
GetSaveFileNameW
ReplaceTextA
ChooseFontW
dwOKSubclass
ReplaceTextA
LoadAlterBitmap

winmm

mixerGetLineInfoA
mciSendCommandW
auxGetDevCapsA
OpenDriver
mmTaskSignal
CloseDriver
waveOutGetNumDevs
waveInGetErrorTextA
timeKillEvent
waveInPrepareHeader

opengl32

glTexCoord1fv
glTexEnviv
glVertexPointer
glVertex3d
glPixelTransferi
glVertex4sv
glNormal3b
GlmfCloseMetaFile
glRotated
glIndexsv

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ddb8101b41cde099a4ec1a80ae14fd0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

comdlg32

winmm

opengl32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 512B - Virtual size: 50B

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 512B - Virtual size: 50B