27e41c265244aeddfccd46827570e41f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27e41c265244aeddfccd46827570e41f_JaffaCakes118
Size

211KB
MD5

27e41c265244aeddfccd46827570e41f
SHA1

1978678d43aeef79fa7f1074030267ec919ac6a5
SHA256

019fa5664c6f784372b9817fdcf263abd08b8cacdaffac4cf7f817871663d354
SHA512

6ce3f359f9dc02a8ef7139f93fa9785884c73114719f5c6fc8be98c8ae11096e0f4395f349e1db0b10999c5ff002000b533a40d650fc76216c9c4387a44cb56d
SSDEEP

6144:K8C36V7tmK8c2FcjbIMiqc9tLx5YHP3dSBCXc:K88ksK8c2FcnpKrUcB7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e41c265244aeddfccd46827570e41f_JaffaCakes118

Files

27e41c265244aeddfccd46827570e41f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91884515d8f8930756b027e0f9520370

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CopySid
CryptDestroyHash
DeleteService
EqualSid
FreeSid
GetSecurityDescriptorDacl
OpenServiceW
OpenThreadToken
RegCreateKeyExW
RegDeleteValueA
RegDeleteValueW
RegEnumValueW
RegOpenKeyA
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
SetSecurityDescriptorDacl

gdi32

BeginPath
Chord
CloseEnhMetaFile
CreateBitmap
CreateDIBSection
DeleteDC
GetBrushOrgEx
GetCharWidthW
GetCharacterPlacementA
GetClipBox
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetTextExtentPointA
GetWindowExtEx
OffsetViewportOrgEx
OffsetWindowOrgEx
PolyBezierTo
RealizePalette
RectInRegion
SetBkColor
SetMapperFlags
SetMetaFileBitsEx
SetPolyFillMode
SetROP2
SetRectRgn
StartPage

kernel32

GetCurrentThread
GetFileAttributesW
GetFileSize
GetLocaleInfoW
GetSystemDefaultLCID
GlobalHandle
GlobalUnlock
HeapDestroy
IsBadCodePtr
IsBadWritePtr
IsDebuggerPresent
SetUnhandledExceptionFilter
SystemTimeToFileTime
TlsGetValue
UnhandledExceptionFilter

comctl32

DestroyPropertySheetPage
ImageList_AddMasked
ImageList_GetDragImage
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_Write

shell32

DragFinish
ExtractIconW
SHChangeNotify
SHGetDesktopFolder
SHGetPathFromIDList
SHGetSpecialFolderPathA
Shell_NotifyIconA

user32

CharLowerA
CheckMenuItem
DestroyWindow
DialogBoxParamA
DrawTextA
EnumWindows
GetActiveWindow
GetClassInfoA
GetClassNameA
GetDesktopWindow
GetMessageA
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetWindowDC
IsWindow
KillTimer
LoadBitmapA
PtInRect
SendDlgItemMessageA
SetForegroundWindow
SetScrollInfo
SetWindowTextA
WindowFromPoint

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

gq9ekmCn
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91884515d8f8930756b027e0f9520370

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

comctl32

shell32

user32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

gq9ekmCn Size: 512B - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

gq9ekmCn
Size: 512B - Virtual size: 120KB