4263c4277508ef5b5f91b6de03d5e866_JaffaCakes118

General

Target

4263c4277508ef5b5f91b6de03d5e866_JaffaCakes118
Size

84KB
MD5

4263c4277508ef5b5f91b6de03d5e866
SHA1

b7a28ac9d4b69a21f28bed3f618ddf38b8f5e070
SHA256

f15b90216a49cc1b55190a6172be0ea17cc74a03667b7e291d6b1cc77af68bd7
SHA512

2e4e93551c7cf10a28517c6aa5322ba784be5639ef17965a2687a21b46b093cccf92ca97e63fbbba0d5dbc493beb062270e084a2815d8b41b39dffb51997189b
SSDEEP

1536:5JS+Usvi0nllYWCO+59ZWBuhDa79c+8QfBwh5u2ghbOvpdfE2pykrnXaS/4Oz:S+vi0nllYWCOEbWQDsZ32fvZlXP//z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4263c4277508ef5b5f91b6de03d5e866_JaffaCakes118

Files

4263c4277508ef5b5f91b6de03d5e866_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28aa5844ae5e4b560735b1574c8c80a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetCurrentThreadId
LoadLibraryA
lstrlenW
DeleteFileW
CancelWaitableTimer
CreateEventW
CreateThread
GetProcAddress
GetFileAttributesExW
GetDriveTypeW
GetUserDefaultLangID
GetFileAttributesW
QueryDosDeviceW
MulDiv
SuspendThread
GlobalLock
SetEvent
GetModuleHandleW
GetSystemTime
GetVersion
GetCurrentThread
SetCurrentDirectoryW
GetLastError
WaitForMultipleObjects
GlobalAlloc
InterlockedIncrement
LoadResource
CreateWaitableTimerW
WaitForSingleObject
SetFilePointer

user32

DefWindowProcW
LoadImageW
RegisterWindowMessageW
PostQuitMessage
GetDlgItem
LoadIconW
GetSysColor
GetClassNameW
GetWindowThreadProcessId
SendDlgItemMessageW
DestroyMenu
SetCursorPos
SetWindowPos
GetWindowDC
PostThreadMessageW
EnableWindow
TranslateMessage
AppendMenuW
LoadCursorW
CreatePopupMenu
CreateWindowExW
LoadBitmapW
InvalidateRect

gdi32

CreatePen
CreateRoundRectRgn
DeleteDC
DeleteObject
CreateDCW
StretchBlt
GetClipBox

advapi32

RegCreateKeyExW
GetUserNameW
SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyExW

Sections

.povgis
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zrexrr
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.acxox
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28aa5844ae5e4b560735b1574c8c80a4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.povgis Size: 72KB - Virtual size: 69KB

.zrexrr Size: 4KB - Virtual size: 1KB

.acxox Size: 4KB - Virtual size: 22KB

.povgis
Size: 72KB - Virtual size: 69KB

.zrexrr
Size: 4KB - Virtual size: 1KB

.acxox
Size: 4KB - Virtual size: 22KB