27ff52b4715e41c51956399fcf00983d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27ff52b4715e41c51956399fcf00983d_JaffaCakes118
Size

264KB
MD5

27ff52b4715e41c51956399fcf00983d
SHA1

3868137a2714025fc0dc32a3701095b67fe47d4b
SHA256

d284ca7b15420afa5e721ed2d17e34985593896f8550f91f151dddfefd81b23e
SHA512

496d9bb1e6b6aed6351b323e704e7a32bf7fc3a5b6eefc3399c403ece7fe7c7844bff22d6a7b8ac6cb6914bdd03663ca30fdaa243e18da47e29ddbb5d6aa7814
SSDEEP

6144:dKLS2Ed1gH7bM0URp3QYME8ybcoYpPrFz:dKLS2EYbbDeppt8YU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ff52b4715e41c51956399fcf00983d_JaffaCakes118

Files

27ff52b4715e41c51956399fcf00983d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a54ea9bf038a87de7ef7483d84384e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCreateKeyA
RegDeleteValueW
RegCreateKeyA
RegEnumValueW

kernel32

OpenFile
FlushFileBuffers
GetFileTime
GetCommandLineA
CreateDirectoryA
HeapAlloc
DeleteFileW
OpenFileMappingA
ExitProcess
lstrcmpA
GetCPInfo
GetLastError
lstrlenA
DeleteFileA
FormatMessageA
WriteFile
GetPriorityClass
GetLocalTime
ReadFile
ExitThread

user32

CloseWindow
LoadMenuA
AppendMenuA
LoadCursorA
GetWindowTextLengthA
GetFocus
DrawTextA
EndDialog

Sections

.2fg6d
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.3a44
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bh95
Size: 221KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.443c2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.b1dge
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE