27564e9e75e4c6117da0c7d9baf7c678_JaffaCakes118

General

Target

27564e9e75e4c6117da0c7d9baf7c678_JaffaCakes118
Size

148KB
MD5

27564e9e75e4c6117da0c7d9baf7c678
SHA1

9fbd99356290bf7956c515a8ca3e9b41ae240aaa
SHA256

7264332907857ac90cc07ef30626933124f8faa397aa53d4ba60eabd422fba60
SHA512

a07dfe92ec5ccf37145e5d2f441081360376bb2fca6b4c4e74d7c9718b95a0ead23ab2596ce85c57ed3f0b918fc4dce7722d03c91b1299b4b605c42fd8838a1c
SSDEEP

768:mUapKvW4TZqtETZzhKAItQ/HWdRNP2lnqHysHfG2S7yLl459lsAa2SfrDv:gAW4kt8ZzhnIm/23N+lnfUierDv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27564e9e75e4c6117da0c7d9baf7c678_JaffaCakes118

Files

27564e9e75e4c6117da0c7d9baf7c678_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3a95fd4224374927318a4a081162d0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

GetSystemInfo
HeapDestroy
GetFileType
SetHandleCount
GetProcAddress
GetModuleHandleA
GlobalFree
ReadProcessMemory
GlobalAlloc
OpenProcess
CloseHandle
SetThreadContext
SuspendThread
Sleep
ResumeThread
WriteProcessMemory
VirtualProtectEx
GetThreadContext
ExitProcess
GetExitCodeThread
WaitForSingleObject
CreateRemoteThread
GetVersion
LoadLibraryA
GetModuleFileNameA
CreateThread
CreateMutexA
OpenMutexA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
RtlUnwind
GetEnvironmentStringsW
HeapFree
VirtualFree
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
HeapCreate

user32

LoadStringA
TranslateAcceleratorA
FindWindowA
ShowWindow
FlashWindow
GetSystemMetrics
LoadImageA
CreateDialogParamA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
LoadIconA
LoadCursorA
RegisterClassExA
DestroyWindow
MessageBoxA
LoadAcceleratorsA

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3a95fd4224374927318a4a081162d0c

Headers

File Characteristics

Imports

psapi

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 112KB - Virtual size: 111KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 112KB - Virtual size: 111KB