27d5214657f09343fae800afdd7a1fc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27d5214657f09343fae800afdd7a1fc0_JaffaCakes118
Size

11KB
MD5

27d5214657f09343fae800afdd7a1fc0
SHA1

8d02a8ac4e5c4165b679f4997004b6482193f2ff
SHA256

572ad06d54dde5153de629a8ec43ec91d8a82d27bae160178c507f657e48bdb0
SHA512

65276ffaae468ab210cb5e76725490cceb5694678edcd8042880e79dec75ce4d0e2125db2a403158fd9480259bfb9635c537e3ba152bf669c061688dca71c9eb
SSDEEP

192:7zMPkvaVtNFeWJqrp3IfM3CyiGn3TZhD+8Og+TrP:7zMkvgLcpYE3CyiGDqsET

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27d5214657f09343fae800afdd7a1fc0_JaffaCakes118

Files

27d5214657f09343fae800afdd7a1fc0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

67d00b0e590cebf29f3f76e1f162cd91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
LoadResource
GetModuleHandleW
SetFileTime
WriteFile
GlobalAlloc
GetSystemDirectoryW
Sleep
SizeofResource
CreateFileW
lstrlenW
GetTempPathW
RtlMoveMemory
GetLastError
GlobalFree
LockResource
CreateEventW
lstrcatW
GetFileTime
CloseHandle
GetSystemTime

user32

wsprintfW

shell32

ShellExecuteW

shlwapi

SHRegCreateUSKeyW
PathAppendW
SHRegSetUSValueW
SHRegCloseUSKey

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ