27bd19c0ed168f36851a9707d81328eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27bd19c0ed168f36851a9707d81328eb_JaffaCakes118
Size

376KB
MD5

27bd19c0ed168f36851a9707d81328eb
SHA1

4127d8e5c4110812c85e165e91454daedf622b0a
SHA256

699331ababdce929f575bed76c1eb57e2de1ca3b2a5d101e06be440fba7daee9
SHA512

2ab8e09b8a158e2cf8882dfa41331af5b7e3a5a077b7b81abff26296a3ea2af89f50d2420e7588d163eb53768fd9f3ddc31de43867f7fb2647fc892c93e39a87
SSDEEP

6144:A+JbeOGpGZyp3BlY9NvNg0uqNw04qJEEMytArzVmB/Y7HDsug:A+JDGoZ4HYO0uqevE8fVoYDD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27bd19c0ed168f36851a9707d81328eb_JaffaCakes118

Files

27bd19c0ed168f36851a9707d81328eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1560339123a1a6b192af4eeafaa4f9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetFileSize
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
GetStartupInfoW
ExitProcess
RtlUnwind
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
GetDriveTypeA
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
DuplicateHandle
GetThreadLocale
GetProcessVersion
GetCurrentDirectoryW
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FindNextFileW
FindFirstFileW
FindClose
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
lstrcpynW
EnterCriticalSection
FormatMessageW
LocalFree
InterlockedDecrement
InterlockedIncrement
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenA
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GlobalUnlock
GlobalFree
InterlockedExchange
LockResource
FindResourceW
LoadResource
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
GetCurrentThread
GetCurrentThreadId
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
VirtualProtect
GetTickCount
CreateToolhelp32Snapshot
GetLastError
Process32FirstW
DeleteFileW
CopyFileW
GetProcAddress
Thread32First
OpenThread
QueueUserAPC
Thread32Next
CloseHandle
Process32NextW
GetModuleHandleW
GetCommandLineA
Sleep

user32

CharUpperW
RegisterClipboardFormatW
PostThreadMessageW
LoadStringW
GetSysColorBrush
PtInRect
GetClassNameW
LoadCursorW
GetDesktopWindow
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
CheckRadioButton
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
DestroyMenu
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
DefWindowProcW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
RegisterWindowMessageW
OffsetRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableW
CharNextW
GetFocus
GetNextDlgTabItem
GetMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
SetCursor
PostQuitMessage
PostMessageW
FindWindowW
GetWindowThreadProcessId
wsprintfW
LoadIconW
EnableWindow
GetClientRect
IsIconic
SendMessageW
DrawIcon
PeekMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
GetWindowTextW
UnregisterClassW

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetTextColor
GetBkColor
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
DPtoLP
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

AdjustTokenPrivileges
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW

comctl32

ord17

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject

olepro32

ord253

oleaut32

SysStringLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

wininet

InternetCloseHandle
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetOpenUrlW

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1560339123a1a6b192af4eeafaa4f9f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 24KB - Virtual size: 20KB

.vmp0 Size: 124KB - Virtual size: 120KB

.reloc Size: 4KB - Virtual size: 132B

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 24KB - Virtual size: 20KB

.vmp0
Size: 124KB - Virtual size: 120KB

.reloc
Size: 4KB - Virtual size: 132B