27fc0815168134fd2091785c91f82d45_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27fc0815168134fd2091785c91f82d45_JaffaCakes118
Size

440KB
MD5

27fc0815168134fd2091785c91f82d45
SHA1

857956b51517f82fc56c673503237b83e0f7e5f9
SHA256

e25426ec15f4fefef7a104df0fb570d70f4595cc196e7dca1edb48d682b116ec
SHA512

533166354965d202a8b59372d41b9076ec8282ab037d4864b4f6ab79ba2b588ad1ca64363a23864574caf2dbbfcac9775ff7b7a64ba43946974011a32a6353b2
SSDEEP

12288:lCCm1qu3H3Ws1SbwdfnBChZf+Aroq58K+c:lJ6qu3HmssbwdQL+qV583c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27fc0815168134fd2091785c91f82d45_JaffaCakes118

Files

27fc0815168134fd2091785c91f82d45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1832cb75576bc803996a2966abafd90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
Sleep
HeapSize
WideCharToMultiByte
GetCommandLineW
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
lstrlenW
VirtualQuery
GlobalUnlock
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
GetEnvironmentStringsW
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
FindFirstFileA
CreateProcessA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetVersion
GetLocaleInfoA
SetEndOfFile
GetCurrentThread
GetConsoleMode
GlobalAlloc
InterlockedDecrement
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
LoadLibraryExA
lstrcmpiW
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
FormatMessageW
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
LoadLibraryW
GetCPInfo
GetTempPathA
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
WriteConsoleA
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
LockResource
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
GetCurrentThreadId
SizeofResource
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
FindResourceA
CreateEventW
VirtualAlloc

advapi32

RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

user32

CheckMenuItem
SetWindowTextA
EndDialog
SetWindowLongA
ReleaseCapture
PostMessageA
IsIconic
GetWindowRect
GetSystemMetrics
BeginPaint
SetFocus
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
EnableMenuItem
GetWindow
TranslateMessage
EnableWindow
ShowWindow
wsprintfA
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetActiveWindow
GetClientRect
GetCursorPos
GetDC
SetForegroundWindow
EndPaint
DispatchMessageA
IsWindow
SetWindowPos
ReleaseDC
PostQuitMessage
InvalidateRect
SendMessageA
CallWindowProcA
GetFocus
SetCursor
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
TrackPopupMenu
GetDesktopWindow
GetSystemMenu
ScreenToClient
MessageBeep
SetDlgItemTextA
MoveWindow
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
DefWindowProcA
DrawTextA

gdi32

BitBlt
SetBkColor
DeleteObject
GetDeviceCaps
CreateFontIndirectA
CreateCompatibleDC
CreateSolidBrush
SelectObject

msvcrt

_strcmpi
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_controlfp
_except_handler3

Sections

.text
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1832cb75576bc803996a2966abafd90

Headers

File Characteristics

Imports

kernel32

advapi32

version

user32

gdi32

msvcrt

Sections

.text Size: 304KB - Virtual size: 303KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 104KB - Virtual size: 102KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 304KB - Virtual size: 303KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 104KB - Virtual size: 102KB

.rsrc
Size: 4KB - Virtual size: 2KB