27807b6182aae09ea8c5c1cac8f1bc8c_JaffaCakes118

General

Target

27807b6182aae09ea8c5c1cac8f1bc8c_JaffaCakes118
Size

92KB
MD5

27807b6182aae09ea8c5c1cac8f1bc8c
SHA1

ec0db4b44069440936e053ac8596a634eb58dc77
SHA256

3fd41ee59730f678423f02ce5224e7cf11e98eb62a8f6263f4901d2864f2b743
SHA512

d63416ca5827dabed99e1b9c8bcba3981a3431ba87f9157f2b1692d95f4cb11db797aae16b35b3c1b119aa4172dc640e4c6fd078613542b407db0b90fd3f36d3
SSDEEP

1536:neBi+8OVx7EAeD3ov9tpGKDhZPMC6xRozM76z48NZtyc4ELiJhfO7AvjLhH72p:n3HjD3GtUKtZj6x5wNZEw+4MnhH72

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27807b6182aae09ea8c5c1cac8f1bc8c_JaffaCakes118

Files

27807b6182aae09ea8c5c1cac8f1bc8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd353f0aacd4032d14e331563f86544d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
WaitForMultipleObjects
MoveFileW
SetCurrentDirectoryW
GetProcAddress
ReadFile
GetCurrentProcess
FindFirstFileW
LoadLibraryA
GetLocalTime
FindClose
CreateFileW
GetCurrentThread
CreateProcessW
WriteFile
FindNextChangeNotification
SuspendThread
CancelWaitableTimer
SetThreadPriority
FileTimeToSystemTime
FreeResource
lstrcpyW
FindNextFileW
GlobalLock
ReadProcessMemory

user32

SystemParametersInfoW
WindowFromPoint
RedrawWindow
PostMessageW
LoadCursorW
LoadIconW
DrawTextW
SendMessageW
GetCursorPos
PostQuitMessage
IsWindow
CreateWindowExW
wsprintfW
SetLayeredWindowAttributes
RegisterClassExW
MessageBoxW
AppendMenuW
DialogBoxParamW
OffsetRect
GetWindowTextW
GetParent
GetMessageW
LoadStringW
SetCursorPos

gdi32

GetStockObject
SetMapMode
DeleteDC
CreateFontIndirectW
SetDIBits
BitBlt
CreateCompatibleBitmap
GetClipBox
SetTextColor
SetBkColor
CreateSolidBrush

advapi32

RegNotifyChangeKeyValue
RegOpenKeyExW
InitializeSecurityDescriptor

Sections

.mgtv
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pscmej
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dile
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd353f0aacd4032d14e331563f86544d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.mgtv Size: 80KB - Virtual size: 77KB

.pscmej Size: 4KB - Virtual size: 1KB

.dile Size: 4KB - Virtual size: 22KB

.mgtv
Size: 80KB - Virtual size: 77KB

.pscmej
Size: 4KB - Virtual size: 1KB

.dile
Size: 4KB - Virtual size: 22KB