27f2262b4ac80c13002ec126b1eedf5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27f2262b4ac80c13002ec126b1eedf5b_JaffaCakes118
Size

44KB
MD5

27f2262b4ac80c13002ec126b1eedf5b
SHA1

a9e581859f3d4c25900552ad0b1d745e05bc55bb
SHA256

db7fb9bdc84a8895c3c6da29f979a289251f5555e440711dd0faf661bee4c238
SHA512

bf1111baeab82399a9b9df17c8e0f751eb9c7786143d30f9a124ae6341bf3b83b526293f8082dab9cdefbbe8cfad91a35639d2de0b77e8a8c1be00a99b88b1d7
SSDEEP

768:pHTcBHAfO8jkrLBNQqbB+oHCX5sjzA+D1RPzl2FdtI:pHTcBIOLrLHbbB+V5sjBnzl2F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27f2262b4ac80c13002ec126b1eedf5b_JaffaCakes118

Files

27f2262b4ac80c13002ec126b1eedf5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8de364a2eedf1e8bc5a9f9db8f673fb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetLastError
GetSystemDirectoryA
GetCurrentDirectoryA
GetTickCount
GetSystemTimeAdjustment
GetCPInfo
AreFileApisANSI
lstrcpyA
GetProcAddress
GetVersion
GlobalMemoryStatus
VirtualAlloc
VirtualProtect
IsValidLocale
GetProcessHeap
GetUserDefaultLangID
GetCurrentProcess
GetCurrentProcessId
GetLogicalDriveStringsA
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
IsBadStringPtrA
GetConsoleCP
GetConsoleOutputCP
GetSystemInfo
GetCurrentThreadId
QueryPerformanceCounter
GetWindowsDirectoryA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetCurrentThread
TerminateThread

user32

GetKBCodePage
IsWindow
GetSysColor
GetActiveWindow
GetFocus
GetDesktopWindow
GetKeyboardType
GetCapture
GetDoubleClickTime

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE