27ef861ae76bd34e4013335a625e68f8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27ef861ae76bd34e4013335a625e68f8_JaffaCakes118
Size

340KB
MD5

27ef861ae76bd34e4013335a625e68f8
SHA1

bff260ce148d3787d0c3a5981381d34f50bf6331
SHA256

d5c09070ac2beda6ffda7b1dbe74c57c6cd1f654c87d05c09c9fc5dd945de33d
SHA512

d462a2c93364e7f3602b3bfab5add4bcf1d41da93ec6677e442aa3836a6328519baa2c61436e4822d054b83fd600e4a97aa09c47033bc58e277e4873ac4314cd
SSDEEP

6144:uh2xn/Bulx9k/3e9SYsyvryjyD/cgaJKYH8o+/X51Dc908YmbbBnln9lSwtQj:nn/weOSYjryxxJ3Hh+fY08YmbbNlnqpj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ef861ae76bd34e4013335a625e68f8_JaffaCakes118

Files

27ef861ae76bd34e4013335a625e68f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4c461f001135a94b1f9df9597af8d01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesW
CreateFileA
GetFileAttributesA
GetDateFormatW
FlushFileBuffers
GetProfileStringA
WriteFileEx
LocalLock
PulseEvent
GlobalGetAtomNameW
SystemTimeToFileTime
SuspendThread
CreateIoCompletionPort
lstrcmpW
GetShortPathNameW
GetStdHandle
GetSystemTimeAsFileTime
GetFileInformationByHandle
GetThreadContext
GlobalFree
OpenMutexW
GetVersion
GetProfileIntW
LoadLibraryW
SetCommMask
SetProcessShutdownParameters
CreateNamedPipeA
DeleteFiber
_hread
GetCurrentProcess
EnumResourceNamesA
OutputDebugStringW
GetPrivateProfileIntW
GetDriveTypeA
GetPrivateProfileIntA
LockResource
HeapDestroy
ReadConsoleA
HeapSize
GetDiskFreeSpaceExA
SetCommBreak
GlobalUnlock
CreateThread
OpenFile
_lclose
FlushViewOfFile
GetTempFileNameW
GetLongPathNameA
InitializeCriticalSectionAndSpinCount
FillConsoleOutputCharacterW
DefineDosDeviceA
CreateDirectoryExA
BackupWrite
UnmapViewOfFile
WriteConsoleOutputCharacterA
GetStringTypeExA
GetFileAttributesW
ExitThread
TransactNamedPipe
FreeConsole
GetStringTypeExW
UpdateResourceA
GetTapePosition
SetWaitableTimer
HeapAlloc
WriteConsoleW
WriteTapemark
MoveFileExW
GlobalFlags
lstrcpyW
SetEnvironmentVariableA
FindAtomW
EscapeCommFunction
IsBadReadPtr
EnumSystemLocalesA
RaiseException
GetModuleHandleA
SetStdHandle
BackupSeek
FreeLibrary
AddAtomW
SetHandleInformation
lstrcmpiW
GetLogicalDrives
SetConsoleTitleA
GlobalAlloc
FindNextFileW
GetStringTypeA
VirtualAlloc
FindFirstFileA
TlsFree
SetProcessAffinityMask
WaitForMultipleObjectsEx
WritePrivateProfileSectionA
CloseHandle
SetConsoleWindowInfo
VirtualProtect
GetCommandLineA
GetVersionExA
lstrlenA
ReadConsoleW
ExitProcess

user32

LoadMenuW
DestroyCaret
SetWindowLongW
EnumWindows
MessageBoxIndirectW
GetParent
MessageBeep
CharLowerBuffW
EnableWindow
DrawIcon
GetUserObjectInformationW
FrameRect
DefWindowProcA
CharNextA
GetMenuItemID
GetClipboardFormatNameW
SetDlgItemInt
UnregisterDeviceNotification
GetWindowWord
OemKeyScan
CallWindowProcA
ShowWindowAsync
MessageBoxW
DestroyCursor
FlashWindowEx
SendMessageTimeoutW
PtInRect
EqualRect
DialogBoxIndirectParamW
CharUpperBuffW
PeekMessageA
GetSysColorBrush
GetScrollPos
PostMessageA
MsgWaitForMultipleObjectsEx

gdi32

GetCharWidth32W
GetWindowOrgEx
SetMetaFileBitsEx
SetBkMode
StretchBlt
OffsetRgn
GdiFlush
ExtSelectClipRgn
GetEnhMetaFilePaletteEntries
GetTextExtentPointA
FillRgn
PlayMetaFileRecord
PolyPolyline
RoundRect
SetColorAdjustment

comdlg32

ReplaceTextA

advapi32

GetSecurityInfo
LogonUserW
CryptSetHashParam
CloseEventLog
RegEnumKeyExA
LookupAccountSidW
RegOpenKeyW
LockServiceDatabase
AllocateAndInitializeSid
RegRestoreKeyA
ImpersonateSelf
StartServiceCtrlDispatcherA
CryptGetUserKey
MakeSelfRelativeSD

shell32

ShellExecuteExW
SHGetPathFromIDListA
SHGetSpecialFolderLocation

oleaut32

GetActiveObject
SafeArrayCreate
SafeArrayGetUBound
SafeArrayRedim
SafeArrayGetElement
CreateErrorInfo
LoadTypeLi
SafeArrayPutElement
VariantCopyInd

comctl32

CreatePropertySheetPageA
ImageList_GetImageCount

shlwapi

SHQueryValueExW
StrToIntW
StrRetToStrW
PathRemoveBlanksA
PathFindNextComponentW
PathRenameExtensionW
SHGetValueA

setupapi

SetupDiGetClassDescriptionW
SetupFindNextLine
SetupDiOpenDevRegKey
SetupScanFileQueueW
SetupDiCreateDeviceInfoW
SetupInstallServicesFromInfSectionA
SetupGetLineTextA
SetupInitDefaultQueueCallback
SetupCommitFileQueueA
SetupDiSetDeviceInstallParamsA
SetupCloseFileQueue

Sections

.text
Size: 320KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d4c461f001135a94b1f9df9597af8d01

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 320KB - Virtual size: 316KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 5KB

.text
Size: 320KB - Virtual size: 316KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 5KB