4456e181232270adf022f682e8595ef3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4456e181232270adf022f682e8595ef3_JaffaCakes118
Size

80KB
MD5

4456e181232270adf022f682e8595ef3
SHA1

3c98d29daea0e74f5242270f8fca932d7e2a680a
SHA256

51affa3069a11953c4f19b35033b0ef04c69e5ad35c9686686b8619bbcedf3a0
SHA512

8d94bbdadb1ba88b0560e5503862e205563136804bc0d81b6365c657f21e40ab595f78300a61bf039df73d980e1e1ab6d8f3b50a57c11a2dcce75f7e8565b5b7
SSDEEP

1536:SpjBzj5UgGM530aD46ca4ZdA/uxkCNRF5IWFHGz6M7podr0U65q:SpRj5IMmazyg/uxksRDTFHQ67yUo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4456e181232270adf022f682e8595ef3_JaffaCakes118

Files

4456e181232270adf022f682e8595ef3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f22c97a19daac29672d648968f9bd83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHEnumValueW
StrRStrIA
UrlEscapeA
PathRenameExtensionA
StrPBrkA
StrCmpNIW
SHRegEnumUSValueW
SHRegGetUSValueA
PathMakePrettyW
StrCpyNW
SHIsLowMemoryMachine
PathIsRelativeA
UrlCompareW
PathCombineA
UrlCanonicalizeA
PathIsUNCA
SHCopyKeyA
StrCSpnIA
SHStrDupA
UrlGetPartW
SHRegQueryUSValueW
PathIsLFNFileSpecA
PathRemoveArgsW
PathFindFileNameW
PathUndecorateA
PathSkipRootA
SHRegCloseUSKey
PathRemoveBackslashA
SHGetInverseCMAP
SHRegOpenUSKeyW
PathMatchSpecA
PathUnquoteSpacesW
SHRegDeleteUSValueW
UrlCreateFromPathA
SHSkipJunction
PathAddExtensionW
PathCreateFromUrlW
PathQuoteSpacesW
ChrCmpIW
StrIsIntlEqualW
PathIsPrefixW
UrlGetLocationW
StrRetToBufW
AssocQueryStringByKeyA
SHRegEnumUSValueA
SHQueryInfoKeyW
UrlApplySchemeW
PathIsSameRootW
PathRemoveArgsA
StrStrIW
PathIsContentTypeA
PathStripToRootA
PathRemoveBlanksA
SHSetThreadRef
StrFromTimeIntervalA
StrCSpnIW

advapi32

SetSecurityDescriptorSacl
SetFileSecurityW
RegSetValueA
ObjectCloseAuditAlarmW
GetServiceKeyNameA
LookupSecurityDescriptorPartsA
SetNamedSecurityInfoExA
RegQueryMultipleValuesW
BuildImpersonateExplicitAccessWithNameA
EnumServicesStatusW
IsTextUnicode
RegQueryMultipleValuesA
RegConnectRegistryA
GetTokenInformation
SetNamedSecurityInfoA
RegFlushKey
GetTrusteeNameA
GetPrivateObjectSecurity
LookupPrivilegeValueA
InitiateSystemShutdownW
BuildTrusteeWithNameA
EqualPrefixSid
LookupAccountSidA
SetSecurityInfoExA
CopySid
ReadEventLogW
LookupPrivilegeNameA
CreateServiceA
CryptAcquireContextA
CancelOverlappedAccess
RegOpenKeyExW
CryptSetKeyParam
ObjectOpenAuditAlarmW
RegConnectRegistryW
TrusteeAccessToObjectW
OpenSCManagerW
RegCloseKey
BuildExplicitAccessWithNameW
CryptVerifySignatureA
RegSaveKeyW
CryptReleaseContext
RegSetValueW
ObjectPrivilegeAuditAlarmW
BackupEventLogA
StartServiceW
RegSetValueExW
GetAuditedPermissionsFromAclA
EqualSid
RegDeleteKeyW
RegEnumValueW
CryptGetKeyParam
OpenBackupEventLogA
SetKernelObjectSecurity
RegReplaceKeyW
CryptDeriveKey
CryptEnumProviderTypesW
CryptExportKey
FreeSid
ReportEventW
ObjectOpenAuditAlarmA
BuildTrusteeWithNameW
CryptHashSessionKey
SetEntriesInAccessListA
AccessCheck
LogonUserA
GetKernelObjectSecurity
CryptSetProviderExA
GetEffectiveRightsFromAclW

kernel32

InitAtomTable
GetDiskFreeSpaceW
SetConsoleCtrlHandler
SetEnvironmentVariableW
OpenEventA
GetMailslotInfo
GetWriteWatch
FindResourceExA
SetLocalTime
EnumCalendarInfoW
CreateEventW
FileTimeToLocalFileTime
WritePrivateProfileSectionA
SetDefaultCommConfigA
EnumResourceNamesW
GetTempFileNameW
HeapCreate
Process32First
GetNumberOfConsoleMouseButtons
MapViewOfFile
VirtualProtect
GetFileAttributesExW
IsBadHugeWritePtr
LocalFree
MapViewOfFileEx
SetConsoleTitleA
SignalObjectAndWait
LocalLock
GlobalGetAtomNameA
SetSystemTime
SetCommState
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
SetHandleInformation
FormatMessageW
Thread32First
CreateMutexW
DisableThreadLibraryCalls
ResumeThread
HeapDestroy
GetFileSize
FillConsoleOutputCharacterW
FoldStringW
SetThreadAffinityMask
GetPrivateProfileStructA
CreateFiber
FindResourceA
SwitchToFiber
GetConsoleMode
ReadConsoleInputA
CallNamedPipeA
EnumSystemLocalesA
DosDateTimeToFileTime
CallNamedPipeW
VirtualAlloc
DefineDosDeviceA
Heap32Next
IsProcessorFeaturePresent
HeapUnlock
TransmitCommChar
GlobalDeleteAtom
lstrlenA
ExpandEnvironmentStringsW
SetFileAttributesW

ole32

OleCreate
CreatePointerMoniker
CoRegisterSurrogate
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CoGetMalloc
ReadClassStm
UtConvertDvtd32toDvtd16
CoIsOle1Class
CoFreeLibrary
GetClassFile
CoGetCurrentProcess
CoGetInterfaceAndReleaseStream
CoGetStandardMarshal
OleDraw
CoGetMarshalSizeMax
CreateItemMoniker
GetRunningObjectTable
OleCreateLinkToFile
CoGetPSClsid
OleCreateStaticFromData
CoSwitchCallContext
ReadStringStream
CoInitializeEx
WriteClassStg
FreePropVariantArray
WriteStringStream
OleRegEnumFormatEtc
GetHookInterface
CoMarshalInterface
OleGetIconOfFile
OleUninitialize
BindMoniker
CoUnmarshalInterface
CreateILockBytesOnHGlobal
CoTreatAsClass
OleQueryCreateFromData
OleLockRunning
OleGetIconOfClass
PropVariantCopy
CoCreateInstanceEx
CoQueryProxyBlanket
UtGetDvtd16Info
WriteClassStm
CoAddRefServerProcess
CoRevertToSelf
OleSetContainedObject
CoGetClassObject
CreateObjrefMoniker
CreateGenericComposite
IsAccelerator
SetConvertStg
CoGetCallerTID
CoRegisterChannelHook
OleCreateFromDataEx
OleConvertOLESTREAMToIStorageEx
GetHGlobalFromStream
OleCreateFromFile
CreateDataCache
SetDocumentBitStg
OleRegGetUserType
OleCreateMenuDescriptor

user32

SetMenuDefaultItem
CreateIconIndirect
CharLowerW
ModifyMenuA
EnumThreadWindows
ChangeDisplaySettingsA
RegisterDeviceNotificationW
LoadMenuA
EmptyClipboard
SetWindowLongA
ChangeMenuA
SetDoubleClickTime
GetClassInfoW
UnloadKeyboardLayout
BeginPaint
GetWindowTextLengthA
GetMenuInfo
IsWindowEnabled
CreateIconFromResourceEx
GetKeyState
VkKeyScanExW
DestroyCaret
DrawAnimatedRects
GetPropW
ScrollDC
LoadImageA
EnumWindows
IsIconic
GetMessagePos
EditWndProc
GetPriorityClipboardFormat
GetDlgItemTextA
DdeDisconnect
GetNextDlgGroupItem
MsgWaitForMultipleObjectsEx
LoadCursorFromFileA
DdeConnect
DefMDIChildProcA
DrawFrame
LoadIconW
ArrangeIconicWindows
SendDlgItemMessageW
GetInputDesktop
LoadMenuIndirectA
CharToOemW
GetForegroundWindow
CharUpperBuffW
GetMenuContextHelpId
EndDialog
SendMessageCallbackW
CharNextA
DdeUninitialize
InvalidateRect
GetShellWindow
DdeCreateStringHandleA
DlgDirSelectComboBoxExW
SetClipboardData
EnumPropsW
TrackPopupMenuEx

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f22c97a19daac29672d648968f9bd83

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

advapi32

kernel32

ole32

user32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 20KB