27b08576fc7f1a88e9286df20177825e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27b08576fc7f1a88e9286df20177825e_JaffaCakes118
Size

304KB
MD5

27b08576fc7f1a88e9286df20177825e
SHA1

78971f81a55744053c99ac38910daee3182f5f11
SHA256

d4b63f72a3de3984c175fba7470054ce4e932f66f48f57eb32992cb9495fab25
SHA512

013d3e579735fb1469c37e03f91a1dafe7ac29bc05b6ee64113df90fca751a7a6415116d5ff3f2e335de15aca94b32eb6386243b94ce6795c292e2363fc347f9
SSDEEP

6144:xAngG887+kI8lvq6RSKfo6/+6qvg6IR2sM5v0L8EQ+:xAgG8p8xVRFbjsg5Rc5v0Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27b08576fc7f1a88e9286df20177825e_JaffaCakes118

Files

27b08576fc7f1a88e9286df20177825e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56ee7c23b5fafecd51842076343fb079

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
ExitProcess
ResetEvent
GetPriorityClass
IsDebuggerPresent
LoadLibraryA
GetFileAttributesA
SuspendThread
ResumeThread
FindAtomW
LocalFree
lstrlenA
MapViewOfFile
GetSystemTime
CloseHandle
GetPrivateProfileIntA
CreateFileMappingA
GetModuleHandleW
VirtualAlloc
GetComputerNameW

user32

GetDlgItem
DispatchMessageA
CreateWindowExA
GetMenu
DrawStateA
CloseWindow
FillRect
CallWindowProcA
GetCaretPos
GetClassInfoA
GetClientRect
DestroyCaret
EndDialog

rasapi32

RasDialA
DwRasUninitialize
DwEnumEntryDetails
DwCloneEntry
RasDeleteEntryA

catsrvut

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ