4d97c273c0e37b5e7dc42dc934bd171d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d97c273c0e37b5e7dc42dc934bd171d_JaffaCakes118
Size

386KB
MD5

4d97c273c0e37b5e7dc42dc934bd171d
SHA1

33c792c0bb7716805d67bcea4348d2cc54a60479
SHA256

66b99f7d6a911a1f688d27aee7539cd9bfce2e1889de9b0de5b3076edaa0bb0c
SHA512

0af28fb438ce1d6ef707bc9f4a1dc65f7027c0ab8c6178983d8da9b3d69e9bf555e86525917201fa797547bb8cf38e429e543a87b05a6cdcda3c7134629e8eb4
SSDEEP

6144:CoqooWoNUQPbsEXbyBNLr5mSenFYkmAXMZ55P8rA:d3oCQPbpXef8SK1XMLl8rA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d97c273c0e37b5e7dc42dc934bd171d_JaffaCakes118

Files

4d97c273c0e37b5e7dc42dc934bd171d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

252deea0c6a926a68859c84453bd60cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHOpenRegStream2W
SHOpenRegStream2A
SHIsLowMemoryMachine
SHGetValueW
SHGetValueA
SHGetThreadRef
SHGetInverseCMAP
SHEnumValueW
SHEnumValueA
SHEnumKeyExW
SHEnumKeyExA
SHDeleteValueW
SHDeleteValueA
SHDeleteKeyW
SHDeleteKeyA
SHDeleteEmptyKeyW
SHDeleteEmptyKeyA
ord16
SHCreateStreamOnFileW
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
SHAutoComplete
PathUnquoteSpacesW
PathUnquoteSpacesA
PathUnmakeSystemFolderW
PathUnmakeSystemFolderA
PathUndecorateW
PathUndecorateA
PathUnExpandEnvStringsW
PathUnExpandEnvStringsA
PathStripToRootW
PathStripToRootA
PathStripPathW
PathStripPathA
PathSkipRootW
PathSkipRootA
PathSetDlgItemPathW
PathSetDlgItemPathA
PathSearchAndQualifyW
PathSearchAndQualifyA
PathRenameExtensionW
PathRenameExtensionA
PathRemoveFileSpecW
PathRemoveFileSpecA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveBackslashA
PathRemoveArgsW
PathRemoveArgsA
PathRelativePathToW
PathRelativePathToA
PathQuoteSpacesW
PathQuoteSpacesA
PathParseIconLocationW
PathParseIconLocationA
PathMatchSpecW
PathMatchSpecA
PathMakeSystemFolderW
PathMakeSystemFolderA
PathMakePrettyW
PathMakePrettyA
PathIsURLW
PathIsURLA
PathIsUNCW
PathIsUNCServerW
PathIsUNCServerShareW
SHOpenRegStreamA
PathIsUNCServerA
PathIsUNCA
PathIsSystemFolderW
PathIsSystemFolderA
PathIsSameRootW
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsRelativeW
PathIsRelativeA
PathIsPrefixW
PathIsPrefixA
PathIsNetworkPathW
PathIsNetworkPathA
PathIsLFNFileSpecW
PathIsLFNFileSpecA
PathIsFileSpecW
PathIsFileSpecA
PathIsDirectoryW
PathIsDirectoryEmptyW
PathIsDirectoryEmptyA
PathIsDirectoryA
PathIsContentTypeW
PathIsContentTypeA
PathGetDriveNumberW
PathGetDriveNumberA
PathGetCharTypeW
PathGetCharTypeA
PathGetArgsW
PathGetArgsA
PathFindSuffixArrayW
PathFindSuffixArrayA
PathFindOnPathW
PathFindOnPathA
PathFindNextComponentW
PathFindNextComponentA
PathFindFileNameW
PathFindFileNameA
PathFindExtensionW
PathFindExtensionA
PathFileExistsW
PathFileExistsA
PathCreateFromUrlW
PathCreateFromUrlA
PathCompactPathW
PathCompactPathExW
PathCompactPathExA
PathCompactPathA
PathCommonPrefixW
PathCommonPrefixA
PathCombineW
PathCombineA
PathCanonicalizeW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAppendA
PathAddExtensionW
PathAddExtensionA
PathAddBackslashW
PathAddBackslashA
IntlStrEqWorkerW
IntlStrEqWorkerA
HashData
GetMenuPosFromID
ColorRGBToHLS
ColorHLSToRGB
ColorAdjustLuma
ChrCmpIW
ChrCmpIA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueA
SHRegDeleteUSValueW
SHRegDuplicateHKey
SHRegEnumUSKeyA
SHRegEnumUSKeyW
SHRegEnumUSValueA
SHRegEnumUSValueW
SHRegGetBoolUSValueA
SHRegGetBoolUSValueW
SHRegGetPathA
SHRegGetPathW
SHRegGetUSValueA
SHRegGetUSValueW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegQueryUSValueW
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
SHRegSetUSValueW
SHRegWriteUSValueA
SHRegWriteUSValueW
SHSetThreadRef
SHSetValueA
SHSetValueW
SHStrDupA
SHSkipJunction
PathIsUNCServerShareA
SHStrDupW

kernel32

LocalSize
FindResourceW
FindResourceExA
HeapFree
GetProcessHeap
HeapAlloc
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateMailslotA
CreateMailslotW
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ContinueDebugEvent
ConvertDefaultLocale
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
GetFileTime

ole32

OleRun

user32

ChildWindowFromPointEx
ChildWindowFromPoint
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharUpperA
CharToOemW
CharToOemBuffW
CharToOemBuffA
CharToOemA
CharPrevW
CharPrevExA
CharPrevA
CharNextW
CharNextExA
CharNextA
CharLowerW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
ChangeClipboardChain
ReleaseDC

advapi32

RegLoadKeyA

msvcrt

malloc
memset
free

winmm

mmioOpenA

Sections

.text
Size: 374KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

252deea0c6a926a68859c84453bd60cf

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

user32

advapi32

msvcrt

winmm

Sections

.text Size: 374KB - Virtual size: 464KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 374KB - Virtual size: 464KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 2KB - Virtual size: 1KB