8548b5e5f3c029a48486c7e7d1b79754_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8548b5e5f3c029a48486c7e7d1b79754_JaffaCakes118
Size

70KB
MD5

8548b5e5f3c029a48486c7e7d1b79754
SHA1

c02b2cd18d3365a804e3e55c78ba0daef32edd58
SHA256

e7214bfc5b6276e476644229aa70d1c6b8d31422932d591cf8b775845f4b33c1
SHA512

6d780e663ffe9f8240f41530dda2d40d6b0ba99a5a4dfa92a423cd1c12f9d9f82bbe7017f195729baa17942b1f0e3474de67fe7b84d695b469aa41e6d46937ac
SSDEEP

1536:pklABiRpIDEXi+GV1P7o3mkMCxXY05HSoVsnQ9qn8GR:pklSasEuU3mjC5YAsnNfR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8548b5e5f3c029a48486c7e7d1b79754_JaffaCakes118

Files

8548b5e5f3c029a48486c7e7d1b79754_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eae1aa8135fc01abaab085b09156faf7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
LoadLibraryA
GetLastError

user32

GetSysColorBrush
EndDeferWindowPos
CallWindowProcW
ActivateKeyboardLayout
DrawTextExA
ShowCaret
GetMenuCheckMarkDimensions
ScreenToClient
LoadMenuIndirectW
OemKeyScan
CheckMenuItem
DdeGetData
DdeKeepStringHandle
TrackPopupMenu
CascadeWindows
SetWindowTextW
GetKeyboardState
EndDialog
LoadCursorA
GetSystemMetrics
PostQuitMessage
DrawTextW
DdeQueryNextServer
ModifyMenuA
GetIconInfo
DdeUnaccessData
GetScrollRange
IsCharUpperW
ValidateRgn
DestroyWindow
GrayStringW
DestroyCursor
CharPrevW
ChangeDisplaySettingsExW
ReuseDDElParam
FindWindowA
RegisterHotKey
SetActiveWindow
GetCaretPos
ChildWindowFromPointEx
SetSystemCursor
IMPSetIMEW
SetUserObjectSecurity
ScrollWindowEx
ToAsciiEx
DefDlgProcA
SwapMouseButton
OemToCharA
GetWindowTextLengthA
SetProcessDefaultLayout
LookupIconIdFromDirectoryEx
SetDebugErrorLevel
IsWindowEnabled
SetRectEmpty
GetClipboardFormatNameA
CreateDialogParamA
GetDlgItemTextW
FlashWindow
MonitorFromRect
DlgDirSelectExA
GetWindow
IsClipboardFormatAvailable
DrawIcon
LoadStringA
SendMessageTimeoutA
CreateIconFromResourceEx
CreateIcon
RegisterClassExW
MessageBoxExW
CopyAcceleratorTableW
SetUserObjectInformationA
DeferWindowPos
CloseClipboard
IsRectEmpty
CreateWindowStationW
WINNLSEnableIME
DestroyIcon
ShowWindow
MessageBoxA
EnumWindowStationsW
OemToCharW
ModifyMenuW
GetKBCodePage
GetUserObjectInformationA
GetMenu
FindWindowExA
DlgDirListW
GrayStringA
InvertRect
SetPropW
BeginDeferWindowPos

advapi32

RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindSuffixArrayW
PathIsRootA
SHRegGetUSValueA
PathIsURLA
SHQueryInfoKeyA
SHRegDeleteUSValueA
StrCpyNW
wvnsprintfW
StrCmpNA
PathRemoveFileSpecA
SHRegEnumUSKeyA
UrlIsNoHistoryW
AssocQueryKeyA
PathGetCharTypeW
StrStrIW
PathIsURLW
SHStrDupA
SHRegSetUSValueA
PathIsUNCServerShareW
SHDeleteKeyA
UrlIsOpaqueW
StrCSpnA
PathCompactPathExW
PathIsUNCA
SHCreateShellPalette
SHGetThreadRef
PathFileExistsA
SHDeleteKeyW
StrFormatKBSizeW
PathUnExpandEnvStringsW
SHGetInverseCMAP
StrTrimA
PathIsDirectoryW
PathUnquoteSpacesW
wnsprintfA
SHCreateStreamOnFileA
StrNCatW
StrCmpNIW
SHSetValueA
PathStripToRootW
ColorHLSToRGB
AssocQueryStringByKeyA
PathCanonicalizeW
SHEnumKeyExW
StrRChrW
PathIsRootW
PathCompactPathA
SHRegQueryUSValueA
SHRegQueryInfoUSKeyW
StrChrIW
PathFindFileNameW
SHRegGetBoolUSValueW
PathIsContentTypeA
SHRegDeleteEmptyUSKeyW
SHOpenRegStreamA
PathCombineW
PathCompactPathExA
PathStripPathA
PathUnquoteSpacesA
StrStrW
PathRelativePathToW
PathIsDirectoryA
StrCmpW
PathIsSystemFolderW
PathIsRelativeW
StrToIntA
UrlCombineA
StrPBrkW
StrFromTimeIntervalW
PathParseIconLocationA
PathUndecorateW
StrCpyW
UrlCompareW
PathIsUNCServerShareA
ord16
AssocQueryStringByKeyW
SHQueryValueExW
PathIsSameRootW
StrRStrIW
SHStrDupW
SHRegSetPathW
StrRChrIW
SHRegOpenUSKeyW
PathRemoveBackslashA
UrlCanonicalizeA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eae1aa8135fc01abaab085b09156faf7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 4KB - Virtual size: 3KB

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 40KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1024B - Virtual size: 912B

.text
Size: 4KB - Virtual size: 3KB

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 40KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 912B