4d5e4ab204e3da9f26f843d44f8e262d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4d5e4ab204e3da9f26f843d44f8e262d_JaffaCakes118
Size

63KB
MD5

4d5e4ab204e3da9f26f843d44f8e262d
SHA1

1e85b9057e3c939fa36a3257aa0f4b551ca3f235
SHA256

cf77fe838287ce3686ae347e48e6ca3ae6893ba21baa8a3580672f3981bd3a46
SHA512

2e4991acb7176d87e1f9c8d3e49548e67c4d3c9c22d02204ebb4802f021613b80c839eb3ba51b64177064a75e849b01f1aabf505cc9be19291c6d5752b5a171f
SSDEEP

1536:eBAIqO7PobU68qA6iv74ZUJjw8FqUFHwp2iDgE7P9qr:eOIqO7PobU3v74Ww8rFkv7s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d5e4ab204e3da9f26f843d44f8e262d_JaffaCakes118

Files

4d5e4ab204e3da9f26f843d44f8e262d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf52c7715729270ed88253683ed5b87d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
LoadLibraryA
GetLastError
GetProcAddress

user32

MapWindowPoints
GetKeyState
LoadAcceleratorsA
EnumDisplaySettingsW
ToAsciiEx
SetUserObjectInformationW
InvertRect
EnumPropsExA
LoadMenuA
GetMenuItemCount
CharNextExA
GetClassWord
ShowCursor
GetPriorityClipboardFormat
GetUpdateRect
DeregisterShellHookWindow
PostQuitMessage
PtInRect
EnumClipboardFormats
MonitorFromPoint
GetMonitorInfoW
DdeQueryConvInfo
GetMessageTime
CreateDesktopA
SetThreadDesktop
GetClassInfoW
GetKeyboardState
ReleaseCapture
DispatchMessageA
TranslateAccelerator
GetClipboardOwner
ReplyMessage
GetClassInfoExW
CreateDialogIndirectParamW
DrawIconEx
CharToOemBuffA
SetWindowsHookExA
EnumWindows
SetLayeredWindowAttributes
WaitMessage
SetDlgItemInt
SetFocus
IsCharAlphaW
GetKBCodePage
SendNotifyMessageW
BeginPaint
ModifyMenuW
IsClipboardFormatAvailable
SetWindowLongW
DdeEnableCallback
SendDlgItemMessageW
GetMonitorInfoA
InSendMessageEx
EnableWindow
GetScrollInfo
SetShellWindow
EnableScrollBar
DefDlgProcW
CreateMDIWindowW
EndTask
IsIconic
IsCharAlphaA
IsWindowUnicode
CharUpperBuffW
DialogBoxParamA
CharLowerA
KillTimer
OemToCharBuffW
SetClipboardData
PeekMessageW
SetMessageExtraInfo
MsgWaitForMultipleObjects
LoadIconA
GetQueueStatus
CharToOemA
UnloadKeyboardLayout
SendMessageTimeoutW
GetKeyboardLayout
MessageBoxA
SetSysColors
RegisterClipboardFormatW
GetClassLongW
EqualRect
SetParent
DeferWindowPos
EnumDisplaySettingsA
wsprintfW
CharToOemW
RegisterClassA
IsDlgButtonChecked

advapi32

RegOpenKeyExA

shlwapi

StrRChrIA
SHRegOpenUSKeyW
UrlApplySchemeA
PathCommonPrefixA
SHRegOpenUSKeyA
StrCmpNA
SHDeleteEmptyKeyA
PathFileExistsA
StrFormatByteSize64A
StrRetToBufW
StrStrW
UrlIsOpaqueW
StrRetToBufA
AssocQueryStringW
StrCmpNW
PathRemoveExtensionW
StrCSpnIW
StrNCatW
SHRegWriteUSValueA
StrFormatKBSizeA
PathGetArgsW
StrCatW
SHGetInverseCMAP
SHRegDeleteEmptyUSKeyW
SHCopyKeyA
StrChrW
PathQuoteSpacesA
PathIsUNCServerW
SHRegDeleteEmptyUSKeyA
PathCombineW
StrFromTimeIntervalA
UrlIsA
StrFormatByteSizeW
StrChrIA
AssocQueryKeyA
PathRemoveBlanksW
PathUnquoteSpacesA
StrIsIntlEqualA
PathIsNetworkPathW
PathFindOnPathW
PathAppendW
PathRemoveExtensionA
SHDeleteEmptyKeyW
PathRemoveArgsA
PathCompactPathExA
PathParseIconLocationA
UrlIsW
PathGetDriveNumberW
PathSkipRootW
SHIsLowMemoryMachine
PathIsUNCServerA
UrlIsNoHistoryW
StrCmpNIW
PathUnmakeSystemFolderA
PathFindExtensionA
PathMakePrettyA
SHEnumKeyExA
SHRegGetBoolUSValueW
AssocQueryStringByKeyW
SHRegEnumUSValueW
StrDupW
UrlCreateFromPathW
AssocQueryStringByKeyA
ChrCmpIA
SHRegQueryUSValueW
StrSpnA
SHEnumValueA
StrPBrkW
PathIsFileSpecA
PathFileExistsW
PathIsRootW
StrTrimA
SHStrDupW
StrCatBuffA
PathRenameExtensionW
SHRegGetBoolUSValueA
PathIsRelativeW
StrChrIW
SHSetThreadRef
SHAutoComplete
SHRegCreateUSKeyA
PathMakeSystemFolderA
UrlCanonicalizeA
wvnsprintfA
SHRegEnumUSValueA
PathFindNextComponentW
PathSearchAndQualifyA
SHRegQueryInfoUSKeyA
SHRegEnumUSKeyA
SHCopyKeyW
PathRemoveBackslashA
StrStrIW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf52c7715729270ed88253683ed5b87d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.d3 Size: 1024B - Virtual size: 1000B

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 40KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1024B - Virtual size: 928B

.text
Size: 3KB - Virtual size: 3KB

.d3
Size: 1024B - Virtual size: 1000B

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 40KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 928B