27ea467643f0c586a23a19704bd3a8d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27ea467643f0c586a23a19704bd3a8d7_JaffaCakes118
Size

172KB
MD5

27ea467643f0c586a23a19704bd3a8d7
SHA1

e4c3919e6b19c66195010a8199d2c9b066f417a6
SHA256

863d2a08167479b5c6e28566b04cac0477c9a63a948cedf2e0f7ed88339daf62
SHA512

0e704b15de02418df8eccfdc0a52cf04ca990884afe53ae162c2ac406bd6bc42ec2bf8734300eeab0a15a1f2865f965be3fc5cda50e0c4b665df2097ceec7883
SSDEEP

3072:cq7KhUKtqvRoBWuVtbkcfv6/e/E54Drv/OebIP2YFt9Ke/MPN4dj1x:c1Vv62/nDrv/2l39K8J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ea467643f0c586a23a19704bd3a8d7_JaffaCakes118

Files

27ea467643f0c586a23a19704bd3a8d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d90081634f40b6b3899bd5507d1e1d92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
IsDlgButtonChecked
SendMessageA
MoveWindow
ReleaseDC
DestroyWindow
CreateDialogParamA
UnregisterClassA
CheckDlgButton
GetDialogBaseUnits
IsDialogMessageA
IsWindow
WinHelpA
GetDlgItemTextA
SetWindowLongA
EnableWindow
GetDC
ShowWindow
SetDlgItemTextA
CharNextA

kernel32

GetVersionExA
GetModuleHandleA
LockResource
SizeofResource
FreeEnvironmentStringsW
HeapReAlloc
LoadResource
TlsGetValue
SetHandleInformation
VirtualAlloc
VirtualFree
SetLastError
CloseHandle
InitializeCriticalSection
GetSystemInfo
EnterCriticalSection
SetFilePointer
GetStdHandle
FreeLibrary
HeapAlloc
GetSystemTimeAsFileTime
LeaveCriticalSection
GetFileType
ExitProcess
TransmitCommChar
InterlockedExchange
GetCurrentProcess
FlushFileBuffers
FlushInstructionCache
GetOEMCP
GetCommandLineA
TerminateProcess
MulDiv
GetStringTypeW
MultiByteToWideChar
VirtualProtect
lstrlenA
lstrcpynA
GetCPInfo
UnhandledExceptionFilter
LoadLibraryA
DisableThreadLibraryCalls
TlsFree
GetEnvironmentStringsW
lstrcpyA
InterlockedDecrement
GetCurrentProcessId
EnumResourceNamesW
SetHandleCount
FreeEnvironmentStringsA
InterlockedIncrement
GetStringTypeA
lstrcatA
lstrcmpiA
GetThreadLocale
GetCurrentThreadId
VirtualQuery
HeapSize
QueryPerformanceCounter
LCMapStringA
GetProcessHeap
IsDBCSLeadByte
HeapCreate
GetModuleFileNameA
WriteFile
IsBadCodePtr
GetStartupInfoA
GetEnvironmentStrings
GetACP
ExitProcess
FindResourceA
GetLastError
TlsAlloc
GetLocaleInfoA
HeapDestroy
TlsSetValue
GetTickCount
IsBadWritePtr
WideCharToMultiByte
RtlUnwind
DeleteCriticalSection
LoadLibraryExA
SetStdHandle
IsBadReadPtr
GetProcAddress
lstrlenW
RaiseException
SetUnhandledExceptionFilter
LCMapStringW
HeapFree

gdi32

SelectObject
GetTextMetricsA
DeleteObject
GetTextExtentPointA
GetDeviceCaps
CreateFontIndirectA

msimg32

AlphaBlend
TransparentBlt

ole32

CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

shlwapi

PathFindExtensionA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d90081634f40b6b3899bd5507d1e1d92

Headers

File Characteristics

Imports

user32

kernel32

gdi32

msimg32

ole32

shlwapi

advapi32

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 46KB - Virtual size: 45KB

.crt Size: 512B - Virtual size: 208KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 46KB - Virtual size: 45KB

.crt
Size: 512B - Virtual size: 208KB