c27f78b3bd138f3bed277a88eec2182e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c27f78b3bd138f3bed277a88eec2182e_JaffaCakes118
Size

64KB
MD5

c27f78b3bd138f3bed277a88eec2182e
SHA1

84cc03f7518d75cfc5811eec02ccd5077407c85c
SHA256

962c9a8a2715473fbbb98d734b93fe931a7ac5406e35302152958a68e2e104d0
SHA512

f2454a14a8c15a66445e993afa1a2676b871d2f79857de3811341d922a212909c60cb12e7d4f51bb73651eee9167f90740f01c522f329347be59edb3a81a1d56
SSDEEP

768:xT3R8oz+so9PlzEF1VsJyQMvqvkJCxfUzNjRlzFWIGWlrLPnO:xTiozT1vXUkYxfUZUYl3fO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27f78b3bd138f3bed277a88eec2182e_JaffaCakes118

Files

c27f78b3bd138f3bed277a88eec2182e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e12d7ec79f48b10d1735e2610b5fdac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
InterlockedDecrement
WideCharToMultiByte
lstrlenW
FreeResource
GetUserDefaultLangID
RaiseException
LocalFree
SizeofResource
LoadLibraryA
GetProcAddress
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileA
LockResource
WriteFile
GetLocalTime
Sleep
GetModuleFileNameA
CreateMutexA
GetLastError
lstrlenA
CloseHandle
MultiByteToWideChar
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapSize
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetOEMCP
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCPInfo
GetACP

user32

wsprintfA
SendMessageA
FindWindowExA
RegisterClassExA
GetClientRect
MessageBoxA
GetMessageA
PostMessageA
DefWindowProcA
TranslateMessage
DispatchMessageA
CreateWindowExA

gdi32

GetStockObject

advapi32

RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

ole32

CoCreateInstance
OleInitialize
OleUninitialize

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

wininet

HttpSendRequestA
InternetOpenA
InternetConnectA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA

version

VerQueryValueA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e12d7ec79f48b10d1735e2610b5fdac1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

version

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 824B

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 824B