27ff5c9b37e3a482932738029f5d982b_JaffaCakes118

General

Target

27ff5c9b37e3a482932738029f5d982b_JaffaCakes118
Size

47KB
MD5

27ff5c9b37e3a482932738029f5d982b
SHA1

af9a33e9ca00ccac4646252e049c73f8ac18d73b
SHA256

7a16ec7396332879ba90f1662e149cf1931dddb0cbfe12b65c07c27bcf418cac
SHA512

b0c3c2f004420900eb81190aad3604eeab53c4fbf736407616c5a134249038c9d4be3de8593ddcb7e729fc7e728143c8417ca6cefc8147a33caa1d6122593f12
SSDEEP

768:sB2TTg+tuPele1CIzBQ00mmhMSeAuB7n8ldVO+lQ4Uerm2q1IexeOcKVhtIt09nP:02TTg852miAuBIldo+lPrm2VOPtIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ff5c9b37e3a482932738029f5d982b_JaffaCakes118

Files

27ff5c9b37e3a482932738029f5d982b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b766c908ff89dcac024e71ed53754c88

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
CreateToolhelp32Snapshot
ExitProcess
ExitThread
FindClose
FlushFileBuffers
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetProcessHeap
GetStdHandle
GetSystemInfo
GetTempFileNameA
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GlobalHandle
HeapAlloc
HeapDestroy
InitializeCriticalSection
InterlockedCompareExchange
InterlockedIncrement
LeaveCriticalSection
Module32First
MoveFileA
OutputDebugStringA
QueryPerformanceCounter
ReadProcessMemory
ResetEvent
SetEndOfFile
SetEvent
SetPriorityClass
SetStdHandle
Sleep
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcpyA
lstrcpynA
lstrlenA

user32

DialogBoxParamA
DispatchMessageA
GetCapture
SetCapture
wsprintfA

advapi32

GetUserNameA
QueryServiceStatus
RegDeleteValueA
RegQueryInfoKeyA
SetServiceStatus

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b766c908ff89dcac024e71ed53754c88

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 1KB - Virtual size: 10KB

.bss Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 1KB - Virtual size: 10KB

.bss
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB