b27421ebe09a747280b108ec96ecbcd3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b27421ebe09a747280b108ec96ecbcd3_JaffaCakes118
Size

210KB
MD5

b27421ebe09a747280b108ec96ecbcd3
SHA1

7f5f90b04796b09a36e51b2d59a75186e4d05022
SHA256

c8bca243c8a465985c1cf8eb1f07eeeaae70e247ea584d18344d3b375b20f806
SHA512

ae2cec05a50395fee77b87ddb0bbfe80040d90f186bca00c761f3066717b6de5422bc5b9250548ed64c68646cc2c54be4dc9158735ab86e60814c17a13237651
SSDEEP

3072:y4oZ+KWlG2loX52nZvlUk4TqNsJxXcF3bziv6V0b6za2fsZOqMY:to8nfO2ZvIT7J2iv/GOOU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b27421ebe09a747280b108ec96ecbcd3_JaffaCakes118

Files

b27421ebe09a747280b108ec96ecbcd3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c7d35cfeb0a6009483577b931b14812

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetCurrentThreadId
GetFileSize
GetShortPathNameA
GetStartupInfoW
GetSystemDirectoryA
IsValidCodePage
OpenProcess
ReadFile
VirtualQuery

comctl32

CreatePropertySheetPageW
CreateToolbarEx
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_ReplaceIcon
InitCommonControlsEx

user32

CreatePopupMenu
DestroyWindow
EnumThreadWindows
GetMenuState
GetMessagePos
GetParent
GetScrollRange
GetSubMenu
GetWindowDC
GetWindowLongA
IsWindowEnabled
LoadBitmapA
OffsetRect
ReleaseCapture
ScrollWindow
SetWindowLongA
SetWindowPlacement
WindowFromPoint
wsprintfA

advapi32

AddAccessAllowedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
CryptCreateHash
CryptGenRandom
GetTokenInformation
GetUserNameA
LookupPrivilegeValueA
LookupPrivilegeValueW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyW
RegEnumValueW
RegOpenKeyA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA
RevertToSelf

shell32

DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileW
ExtractIconA
ExtractIconExA
SHBindToParent
SHBrowseForFolderA
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfo
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetMalloc
ShellExecuteEx
ShellExecuteExW
Shell_NotifyIconW

gdi32

CopyMetaFileW
CreateDIBPatternBrushPt
CreateDIBSection
EndPage
EnumFontsA
Escape
ExtTextOutW
FillRgn
GetBkColor
GetDIBColorTable
GetRgnBox
GetTextExtentPoint32W
IntersectClipRect
PlayMetaFile
PolyBezierTo
PtVisible
RemoveFontResourceA
RestoreDC
RoundRect
SetColorAdjustment
SetTextCharacterExtra

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

36Y4t1PU
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c7d35cfeb0a6009483577b931b14812

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

shell32

gdi32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

36Y4t1PU Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

36Y4t1PU
Size: 2KB - Virtual size: 120KB