27fe9dcb89cf46606e5efefa43b391b8_JaffaCakes118 | Triage

Sharing

General

Target

27fe9dcb89cf46606e5efefa43b391b8_JaffaCakes118
Size

248KB
MD5

27fe9dcb89cf46606e5efefa43b391b8
SHA1

b3d33a052dc5a3175df2819b676d5ec38ce6edfd
SHA256

2bc25529b2883c0c806ced96fe730ee054813726e0d949ef6074684b67f64d1a
SHA512

d1c2d77852a3734f3913ca62a2ae241ca7b3fb462fc98c2fe4a059a8403cf62cd14dbe4c7497cbfc2b791441bdd7f509dd19bcf7770950ce36f884105a17218e
SSDEEP

6144:VfuY/bwcK+4yIi9V8p6GUC4vTT+rDhZObiaUletybL4LMrMTZP8CSqSt:AY/JbVZ92UGUjvTyvhgrUiKVrO8Jx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27fe9dcb89cf46606e5efefa43b391b8_JaffaCakes118

Files

27fe9dcb89cf46606e5efefa43b391b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52ce07c75f35c8989525094d469108f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

GetUserNameExW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

user32

CreateWindowExW

kernel32

LocalAlloc
GetModuleHandleW
WideCharToMultiByte
lstrcpynW
GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
GetCurrentProcess
lstrcmpW
MulDiv
SetLastError
WaitForSingleObject
HeapSetInformation
GlobalFree
DeleteCriticalSection
GetTickCount
MultiByteToWideChar
lstrlenA
GlobalHandle
FormatMessageW
InterlockedDecrement
InterlockedIncrement
CreateFileW
CloseHandle
LocalAlloc
GetLocaleInfoW
GetComputerNameW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
InterlockedExchange
OpenProcess
GetModuleFileNameW
GetProcessId
CreateThread

oleaut32

VariantInit
DispGetIDsOfNames
OleTranslateColor
RevokeActiveObject
SetErrorInfo

msvcrt

_controlfp

Sections

.text
Size: 139KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ