27e4311ca2e8b3ccb4b488b7ac4d4689_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27e4311ca2e8b3ccb4b488b7ac4d4689_JaffaCakes118
Size

112KB
MD5

27e4311ca2e8b3ccb4b488b7ac4d4689
SHA1

0a8dffe8fe466f1c940269fe75d06f1552a350ad
SHA256

be437d521d29507e43803436e693861523e2eb50d60145e37a2751ffc38cc636
SHA512

76bbf374fe88672952e2e0ab4a8e50c44a52185d614689711aa745dcc4b6abfa3c4031b72b64d0b0278fa8538893f4a60bde325ea27f08d81b3382a829d4c26d
SSDEEP

3072:2nMosS4aBFWZa16lDBcjkZFty+N8POAtxkSDb5KgZ:2Mox5FkGowkF4u8WYxky5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e4311ca2e8b3ccb4b488b7ac4d4689_JaffaCakes118

Files

27e4311ca2e8b3ccb4b488b7ac4d4689_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bee4433a3da98cde31c31a2e9ecdabb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

kernel32

GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

user32

GetActiveWindow
PostQuitMessage
SetWindowLongW
ShowWindow
TranslateMessage

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 107KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ