27b900866b218930524af75204b99a52_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

27b900866b218930524af75204b99a52_JaffaCakes118
Size

214KB
MD5

27b900866b218930524af75204b99a52
SHA1

719a7bb76ef5b794a69232cd046db5470f703e9b
SHA256

e0e4e5c37e04072968062f0bbddb79d3b8acae34b1fac85e51a60d5ed83a4884
SHA512

e17a8d399ff03caacd5778585fe236a7a4a7be0867a794637fa46c345012a1d374b234d40c8e4b15f9df9072f0ac90be48d61c1e2d35cff8ebe4ee90dfb91eaf
SSDEEP

3072:KacQmF1bS3enkCHzQAIcZ8h5VgA/RPRgCScfQxUBCy3wVpE4xioXuTJvsARSct:a3LR1Im83dZRg/chB9gTlUJE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27b900866b218930524af75204b99a52_JaffaCakes118

Files

27b900866b218930524af75204b99a52_JaffaCakes118
.dll windows:4 windows x86 arch:x86

af99369a46eb2a5e26ea52c012a08df2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ClientToScreen
CreateWindowExA
GetActiveWindow
GetWindowPlacement
SetTimer
IsWindowUnicode
ReleaseCapture
RegisterClipboardFormatA
ShowScrollBar
DefFrameProcA
MessageBeep
UpdateWindow
MoveWindow
DefWindowProcA
DeleteMenu
RedrawWindow
MsgWaitForMultipleObjects
CheckMenuItem
GetKeyboardLayoutNameA
PeekMessageW
LoadKeyboardLayoutA
InsertMenuItemA
LoadBitmapA

ole32

CoUnmarshalInterface
CoGetContextToken
OleRun
OleRegGetUserType
MkParseDisplayName

oleaut32

SafeArrayUnaccessData
VariantCopyInd
RegisterTypeLib
SysFreeString
SysStringLen

kernel32

GetUserDefaultLCID
LocalAlloc
ExitThread
VirtualFree
LoadLibraryA
CreateThread
lstrlenA
LoadLibraryExA
Sleep
GetCommandLineA
GetModuleHandleA
GetCurrentThread
VirtualAlloc
GetProcAddress
ExitProcess

advapi32

RegLoadKeyA

gdi32

CreatePenIndirect
GetClipBox
GetBitmapBits
SetPixel
CreateDIBSection
SetBkColor
CreateFontIndirectA
SetBkMode
GetDIBits

shlwapi

PathGetCharTypeA
SHQueryValueExA
PathIsDirectoryA
PathIsContentTypeA
PathFileExistsA
SHStrDupA
SHSetValueA
SHGetValueA

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA
GetFileTitleA
FindTextA

msvcrt

wcsncmp
clock
swprintf

Sections

CODE
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 1024B - Virtual size: 903B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 558B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af99369a46eb2a5e26ea52c012a08df2

Headers

File Characteristics

Imports

user32

ole32

oleaut32

kernel32

advapi32

gdi32

shlwapi

comdlg32

msvcrt

Sections

CODE Size: 29KB - Virtual size: 28KB

.data Size: 161KB - Virtual size: 160KB

.rdata Size: 11KB - Virtual size: 174KB

.adata Size: 1024B - Virtual size: 903B

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 558B

CODE
Size: 29KB - Virtual size: 28KB

.data
Size: 161KB - Virtual size: 160KB

.rdata
Size: 11KB - Virtual size: 174KB

.adata
Size: 1024B - Virtual size: 903B

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 558B