057ab10a8451f5c8a39452a31a043e65_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

057ab10a8451f5c8a39452a31a043e65_JaffaCakes118
Size

59KB
MD5

057ab10a8451f5c8a39452a31a043e65
SHA1

80a68cd2637df4065e7d11d1f93d69e9c99e4d9d
SHA256

3b22734791c674ca483077f6a2a54260a3051492eccb61562827a1494ad9352f
SHA512

8a00df36a01306a9066f0ac57e0f527b85a0b5232ef17beaf6089fa201281b4aad9ee24ae7ac22f4fca5f9269bebc196517424a1429e0f675eb55f5457a71fff
SSDEEP

768:c/eMXw4wTt0e/NH0yHZCMc5SyGfh/WYn4SIBkmbjVBHF7UF3z87KTyyK/L0Sd9L8:UXKrwMc47/zIeSVBHBrWDK/t/LgrS+F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
057ab10a8451f5c8a39452a31a043e65_JaffaCakes118

Files

057ab10a8451f5c8a39452a31a043e65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d249f27a92036126357b4dcbc62e4ed6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
DeviceIoControl
GetCommMask
UnmapViewOfFile
RtlUnwind
GetSystemWindowsDirectoryW
CopyFileExA
LockFileEx
IsValidLanguageGroup
WriteConsoleOutputAttribute
GetConsoleCursorInfo
CompareFileTime
GetFileAttributesA
LockFile
InterlockedDecrement
SetLocaleInfoA
SetFileAttributesW
GetAtomNameA
GlobalGetAtomNameW
FindFirstVolumeMountPointA
EnumDateFormatsExW
WritePrivateProfileSectionA
GetDiskFreeSpaceW
VirtualQuery
CreateThread
InterlockedExchange
WriteFileGather
Heap32First
SetFilePointerEx
SetDefaultCommConfigA
GetFileTime
SetMailslotInfo
GetDiskFreeSpaceA
InitializeCriticalSection
OpenEventW
FlushViewOfFile
VirtualProtectEx
GetPrivateProfileSectionW
GetThreadPriority
GenerateConsoleCtrlEvent
PrepareTape
GetPrivateProfileSectionA
GetThreadContext
GetFileSizeEx
Heap32Next
GetMailslotInfo
GetDriveTypeA
SetCurrentDirectoryA
ReadFile
SetWaitableTimer
SetVolumeMountPointW
FreeEnvironmentStringsA
SetConsoleCursor
SearchPathW
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
LoadLibraryA
GetLastError
GetProcAddress

user32

MapWindowPoints
GetKeyState
LoadAcceleratorsA
EnumDisplaySettingsW
ToAsciiEx
SetUserObjectInformationW
InvertRect
EnumPropsExA
LoadMenuA
GetMenuItemCount
CharNextExA
GetClassWord
ShowCursor
GetPriorityClipboardFormat
GetUpdateRect
DeregisterShellHookWindow
PostQuitMessage
PtInRect
EnumClipboardFormats
MonitorFromPoint
GetMonitorInfoW
DdeQueryConvInfo
GetMessageTime
CreateDesktopA
SetThreadDesktop
GetClassInfoW
GetKeyboardState
ReleaseCapture
DispatchMessageA
TranslateAccelerator
GetClipboardOwner
ReplyMessage
GetClassInfoExW
CreateDialogIndirectParamW
DrawIconEx
CharToOemBuffA
SetWindowsHookExA
EnumWindows
SetLayeredWindowAttributes
WaitMessage
SetDlgItemInt
SetFocus
IsCharAlphaW
GetKBCodePage
SendNotifyMessageW
BeginPaint
ModifyMenuW
IsClipboardFormatAvailable
SetWindowLongW
DdeEnableCallback
SendDlgItemMessageW
GetMonitorInfoA
InSendMessageEx
EnableWindow
GetScrollInfo
SetShellWindow
EnableScrollBar
DefDlgProcW
CreateMDIWindowW
EndTask
IsIconic
IsCharAlphaA
IsWindowUnicode
CharUpperBuffW
DialogBoxParamA
CharLowerA
KillTimer
OemToCharBuffW
SetClipboardData
PeekMessageW
SetMessageExtraInfo
MsgWaitForMultipleObjects
LoadIconA
GetQueueStatus
CharToOemA
UnloadKeyboardLayout
SendMessageTimeoutW
GetKeyboardLayout
MessageBoxA
SetSysColors
RegisterClipboardFormatW
GetClassLongW
EqualRect
SetParent
DeferWindowPos
EnumDisplaySettingsA
wsprintfW
CharToOemW
RegisterClassA
IsDlgButtonChecked

shlwapi

StrChrIA
wvnsprintfA
PathSkipRootW
PathIsRelativeW
SHSetThreadRef
PathCreateFromUrlW
StrRetToStrW
SHRegGetPathA
PathUnExpandEnvStringsA
UrlCreateFromPathA
SHRegQueryUSValueA
PathMatchSpecA
PathAddExtensionA
HashData
PathIsUNCA
PathStripToRootA
wnsprintfA
StrTrimA
StrRStrIW
PathRenameExtensionA
PathIsRootW
StrFormatKBSizeA
PathGetCharTypeW
SHQueryValueExA
UrlEscapeW
UrlGetPartW
StrFromTimeIntervalW
PathQuoteSpacesW
UrlIsNoHistoryW
SHOpenRegStream2W
UrlCreateFromPathW
SHDeleteEmptyKeyW
PathRenameExtensionW
PathGetDriveNumberW
SHRegWriteUSValueA
SHRegSetUSValueA
PathMakeSystemFolderA
StrRChrA
SHDeleteKeyA
UrlIsOpaqueW
PathBuildRootW
StrToIntA
GetMenuPosFromID
PathBuildRootA
UrlUnescapeA
SHRegCreateUSKeyA
PathRemoveFileSpecA
StrToIntW
StrCpyNW
PathIsPrefixW
SHRegGetUSValueW
StrCmpNIW
StrCmpNA
SHRegCloseUSKey
PathIsUNCServerShareW
UrlCombineW
PathFindOnPathA
PathIsURLW
SHDeleteValueW
UrlIsNoHistoryA
IntlStrEqWorkerW
PathIsRootA
StrDupA
SHAutoComplete
SHRegDuplicateHKey
SHRegSetPathW
StrCatW
PathIsLFNFileSpecA
PathIsUNCServerW
StrRChrW
PathGetCharTypeA
SHRegQueryInfoUSKeyA
PathRemoveArgsA
PathFindExtensionA
SHEnumValueA
PathIsDirectoryEmptyW
PathCombineW
SHDeleteEmptyKeyA
StrFromTimeIntervalA
PathFindOnPathW
UrlCompareA
SHRegDeleteEmptyUSKeyW
AssocQueryKeyW
StrNCatA
UrlCanonicalizeA
PathCombineA
StrSpnA
StrCSpnA
StrChrIW
PathParseIconLocationW
PathRemoveBlanksA
StrToIntExA
PathIsURLA
ChrCmpIA
PathAppendA
PathUnquoteSpacesA
AssocQueryStringW
UrlIsOpaqueA
PathSkipRootA
SHRegQueryUSValueW

advapi32

RegOpenKeyExA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d249f27a92036126357b4dcbc62e4ed6

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 7KB - Virtual size: 6KB

.flat Size: 45KB - Virtual size: 45KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 7KB - Virtual size: 6KB

.flat
Size: 45KB - Virtual size: 45KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB