27d3bdcc875600f1f0c3396ad504b693_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27d3bdcc875600f1f0c3396ad504b693_JaffaCakes118
Size

183KB
MD5

27d3bdcc875600f1f0c3396ad504b693
SHA1

e713a35f2f04de57ea75ee32ae2ddab314ae85bf
SHA256

163c85236dee9caa210c8181d02840c50d9aee5626461d97cff43a44fadd39f6
SHA512

e2964852adb0ad8bd7ea4c48a29b293fc3ff6e163462997e385e58c6941de613be051da993f0ebc604478889d7a295882d28ace902100167660d4cd0a605c1d0
SSDEEP

3072:O3NcouYds5FD8AelcYMu6dddVKPI7aDDDMkioN:O3NcpDFQAeiYMu2fkPEuDMi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27d3bdcc875600f1f0c3396ad504b693_JaffaCakes118

Files

27d3bdcc875600f1f0c3396ad504b693_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad8509685d4c89a3958845169c8e44f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc
CoRetireServer
OleInitialize
OleUninitialize
OleIsCurrentClipboard
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoCreateInstance
CreateILockBytesOnHGlobal
OleFlushClipboard
CoUninitialize
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CLSIDFromProgID
CoGetClassObject
CLSIDFromString

kernel32

CreateDirectoryW
MoveFileW
WideCharToMultiByte
FindNextFileW
GetCalendarInfoW
GetModuleFileNameW
GetVersion
CreateFileW
GetCurrentProcessId
GetLocaleInfoW
DeleteFileW
LocalFileTimeToFileTime
MultiByteToWideChar
GetSystemDefaultLangID
GetFileAttributesW
WriteFile
EnumResourceNamesA
GetCurrentDirectoryW
EnumResourceLanguagesW
SetFileTime
ConvertDefaultLocale
RemoveDirectoryW
InterlockedDecrement
LoadLibraryW
lstrcpyW
ExitProcess
ReadFile
FindClose
SystemTimeToFileTime
SetFilePointer
FindFirstFileW
GetProcAddress

user32

SetRect
SetPropW
GetNextDlgTabItem
GetClassInfoExW
CopyAcceleratorTableW
RegisterWindowMessageW
GetPropW
InvalidateRect
RemovePropW
SendDlgItemMessageA
GetClassLongW
GetNextDlgGroupItem
WinHelpW
CharNextW
MessageBeep
CharUpperW
CreateWindowExW
InvalidateRgn
IsRectEmpty
DestroyMenu

gdi32

GetMapMode
DeleteDC
PtVisible
GetBkColor
SetWindowExtEx
TextOutW
ScaleViewportExtEx
SelectObject
SetViewportOrgEx
GetDeviceCaps
ExtTextOutW
RectVisible
OffsetViewportOrgEx
Escape
ScaleWindowExtEx
GetTextColor
GetStockObject
ExtSelectClipRgn
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegQueryValueW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathIsUNCW
PathFindExtensionW
PathAppendW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad8509685d4c89a3958845169c8e44f1

Headers

File Characteristics

Imports

ole32

kernel32

user32

gdi32

shell32

advapi32

oleacc

shlwapi

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 372KB