c27923d97a9cee86da72423c6b4a17ab_JaffaCakes118

General

Target

c27923d97a9cee86da72423c6b4a17ab_JaffaCakes118
Size

561KB
MD5

c27923d97a9cee86da72423c6b4a17ab
SHA1

88ced8198fd6c358288b6ab3238b171d62948d2a
SHA256

a1154d8bbe052e6c82b79d010379a06b20834071a68dd58809ae18caf8f00f0b
SHA512

bdc0aeb3c3af333aa3cba2befeeaca82e577bbb06c4cd553d4dafa2a1bf10fce94fca26434ebf8fa34e7ffaa3628277f9be56883b6e86df542dadcde1d328b4e
SSDEEP

12288:BVA/DcCw3+uF3EsNPO0IcbggFjmcyMndkuF9L5ZTYx:Bj0sMc8gFjmxMH9L5ZMx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27923d97a9cee86da72423c6b4a17ab_JaffaCakes118

Files

c27923d97a9cee86da72423c6b4a17ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8d908a0fb5dbd2d134dfea608992d4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleWindowInfo
EnumResourceNamesW
RemoveDirectoryA
SetHandleCount
_lopen
ExitProcess
GetProfileIntA
CancelIo
EraseTape
GlobalFindAtomW
VirtualQueryEx
FormatMessageW
GetPrivateProfileSectionW
EnumDateFormatsW
SetEnvironmentVariableA
_lclose

version

VerFindFileA

user32

DestroyIcon
CreateAcceleratorTableW
ChildWindowFromPointEx
InflateRect
GetTabbedTextExtentA
EndDeferWindowPos
LoadIconA
IsChild
CopyIcon
GetWindowTextA
GetScrollBarInfo
AdjustWindowRectEx
CreateDialogIndirectParamW
PeekMessageA
CharPrevW
DrawFocusRect
AppendMenuW

oleaut32

SysAllocStringLen

advapi32

SetSecurityInfo
CryptDeriveKey
GetSecurityInfo
RegisterServiceCtrlHandlerW
SetTokenInformation
RegOpenKeyExA
ReportEventA
DeregisterEventSource
RegCloseKey
CreateProcessAsUserA
CloseEventLog
OpenEventLogW

ws2_32

WSASocketA
WSASend
setsockopt
WSALookupServiceBeginA
WSAConnect

msvcrt

strstr
_write
ungetc
_wcsnicmp
_wgetenv
_ltoa
_beginthreadex

Sections

.text
Size: 5KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8d908a0fb5dbd2d134dfea608992d4d

Headers

File Characteristics

Imports

kernel32

version

user32

oleaut32

advapi32

ws2_32

msvcrt

Sections

.text Size: 5KB - Virtual size: 220KB

.text Size: 512B - Virtual size: 6B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 254KB - Virtual size: 254KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 5KB - Virtual size: 220KB

.text
Size: 512B - Virtual size: 6B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 254KB - Virtual size: 254KB

.rsrc
Size: 16KB - Virtual size: 15KB