27d67603534ecfd6380ec34c14271ada_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27d67603534ecfd6380ec34c14271ada_JaffaCakes118
Size

218KB
MD5

27d67603534ecfd6380ec34c14271ada
SHA1

c72fc30861ff018a1985943b473159b96b06cbaa
SHA256

a36cec4fbe58d86907909055bfd737ae467b1c64779e1299abde474918d4ce60
SHA512

3848627003ba61aeae218b66c408de6ed9b1aae152f659df199e69438074147251072169c6ff95fa449156d68654db17adb731268e945fb9d137aef0e569d8b4
SSDEEP

3072:YU8qW2WjO+zSE4I4pZzIKJg74zymC/DGwxBRusKfTzngEvk5/iR:78qWXRzSlBZHJ6/iLsYzngEvk5/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27d67603534ecfd6380ec34c14271ada_JaffaCakes118

Files

27d67603534ecfd6380ec34c14271ada_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35a129aaa4bbe3d3f16d053efcf6b764

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

ShellAboutW

comdlg32

PrintDlgW
GetSaveFileNameW
GetOpenFileNameW

comctl32

ImageList_LoadImageW
ImageList_GetIcon
PropertySheetW

netapi32

NetServerGetInfo
NetWkstaGetInfo
NetWkstaTransportEnum
NetWkstaUserEnum
NetApiBufferFree
NetStatisticsGet

mpr

WNetGetConnectionW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ntdll

NtQuerySystemInformation
wcscat
toupper
_wcsnicmp
wcsstr
wcschr
_itow
wcsrchr
memmove
wcsncpy
wcslen
_allmul
_chkstk
_wcsicmp
wcscpy
RtlExtendedLargeIntegerDivide

msvcrt

__p__commode
_adjust_fdiv
__p__fmode
_lfind
_exit
_wcsset
_controlfp
_except_handler3
__set_app_type
_XcptFilter
__p___initenv
__setusermatherr
__getmainargs
_initterm
exit

advapi32

RegConnectRegistryW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
CloseServiceHandle
OpenSCManagerW
RegCreateKeyExW
QueryServiceConfigW
OpenServiceW
EnumServicesStatusW
RegSetValueExW

kernel32

WriteFile
FindResourceW
LoadResource
LocalAlloc
LockResource
MultiByteToWideChar
GetModuleHandleW
lstrcmpW
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
CreateFileW
GetLastError
CloseHandle
CreateThread
TerminateThread
GetVersionExW
ExpandEnvironmentStringsW
lstrcpynW
GetEnvironmentStringsW
GetLogicalDriveStringsW
LocalFree
GetProcAddress
GetDriveTypeW
GetDiskFreeSpaceW
GetVolumeInformationW
SetErrorMode
FormatMessageW
GetLocaleInfoW
GetUserDefaultLCID
CreateProcessW
LocalSize
GetEnvironmentVariableW
lstrlenW
LoadLibraryW
lstrcpyW
lstrcmpiW
lstrcatW
GetComputerNameW

gdi32

AbortDoc
StartPage
GetTextExtentPoint32W
GetDeviceCaps
EndPage
StartDocW
TextOutW
DeleteDC
EndDoc

user32

SetFocus
SendDlgItemMessageW
GetKeyState
UpdateWindow
IsWindowEnabled
GetDC
ReleaseDC
CharNextW
GetDlgItemTextW
MapWindowPoints
IsIconic
BeginPaint
DrawEdge
EndPaint
GetWindowPlacement
DestroyWindow
GetDlgCtrlID
DialogBoxParamW
CreateDialogIndirectParamW
SetWindowTextW
wsprintfW
MessageBoxW
SetCursor
LoadCursorW
SendMessageW
GetDlgItem
GetParent
PostMessageW
EndDialog
SetDlgItemTextW
DestroyIcon
TranslateMessage
DispatchMessageW
SetWindowPos
GetWindowLongW
LoadStringW
GetClientRect
SetWindowLongW
GetSystemMetrics
CheckRadioButton
CreateDialogParamW
EnableWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetMessageW
DeleteMenu
GetMenu
IsDialogMessageW
SetForegroundWindow
RegisterClassW
GetWindowRect
PostQuitMessage
IsDlgButtonChecked
TranslateAcceleratorW
ShowWindow
LoadAcceleratorsW
LoadIconW
DefWindowProcW
DrawMenuBar
EnableMenuItem

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

35a129aaa4bbe3d3f16d053efcf6b764

Headers

File Characteristics

Imports

shell32

comdlg32

comctl32

netapi32

mpr

version

ntdll

msvcrt

advapi32

kernel32

gdi32

user32

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 7KB - Virtual size: 29KB

.rsrc Size: 66KB - Virtual size: 65KB

.reloc Size: 75KB - Virtual size: 84KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 7KB - Virtual size: 29KB

.rsrc
Size: 66KB - Virtual size: 65KB

.reloc
Size: 75KB - Virtual size: 84KB