8624c790288a197cffc20ecac12678d4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8624c790288a197cffc20ecac12678d4_JaffaCakes118
Size

35KB
MD5

8624c790288a197cffc20ecac12678d4
SHA1

3982ef2e5d16cc25a3f2a9655bfd1ff25f9d4db4
SHA256

4e8e46acd2455097d63587c75cf7cc3031c1564a8f02af6897ca982ba92d8511
SHA512

b058509ccf743181d73a60e7cac1051383b4326e33235477bd1bd342b0e6cd52725daca018038f9cc5479b23c55c2537435f8c27b8953b462063a79a9f14bd79
SSDEEP

768:yIEUMxwfNsh89GivwBiCFL04ymE1UQda+V5O9t6Vrm9j4ixb:dEwNXBoBzZ0QE1bs+VUMxm9jh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8624c790288a197cffc20ecac12678d4_JaffaCakes118

Files

8624c790288a197cffc20ecac12678d4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de28a385b796885b73e8c99fcbf4329c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
VirtualAlloc
CreateFileW

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyExA

shlwapi

SHRegSetPathW
SHSetValueW
SHSkipJunction
StrCSpnIA
StrCSpnIW
StrCatBuffW
StrChrA
StrChrW
StrFormatByteSize64A
StrFormatByteSizeW
StrFromTimeIntervalW
StrIsIntlEqualW
StrPBrkW
StrRChrIA
StrRChrW
StrSpnA
StrStrW
StrToIntExA
StrTrimA
UrlCanonicalizeA
UrlCanonicalizeW
UrlCreateFromPathW
UrlEscapeA
UrlGetLocationA
UrlIsA
UrlUnescapeA
wnsprintfW
wvnsprintfW
SHRegOpenUSKeyA
SHRegGetBoolUSValueW
SHRegEnumUSKeyW
SHRegDeleteUSValueA
SHRegDeleteEmptyUSKeyA
SHRegCloseUSKey
SHQueryValueExA
SHQueryInfoKeyA
SHOpenRegStreamA
SHGetInverseCMAP
SHEnumValueA
SHEnumKeyExW
SHDeleteValueA
SHDeleteEmptyKeyA
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
PathUnquoteSpacesW
PathUndecorateA
PathUnExpandEnvStringsW
PathStripPathW
PathSearchAndQualifyA
PathRemoveExtensionA
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveArgsW
PathRelativePathToA
PathParseIconLocationA
PathMatchSpecW
PathIsURLA
PathIsUNCServerShareA
PathIsSystemFolderA
PathIsSameRootW
PathIsRootW
PathIsPrefixW
PathIsNetworkPathW
PathIsNetworkPathA
PathIsDirectoryEmptyW
PathIsDirectoryA
PathGetCharTypeA
PathGetArgsW
PathFindSuffixArrayW
PathFindNextComponentW
PathFindExtensionA
PathCompactPathW
PathCommonPrefixW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAddBackslashW
IntlStrEqWorkerA
ColorRGBToHLS
ColorAdjustLuma
ChrCmpIW
AssocQueryStringByKeyA
AssocQueryStringA
AssocCreate
SHRegQueryUSValueA

comctl32

CreateStatusWindow
ord6
ord7
CreateToolbarEx
ord16
DestroyPropertySheetPage
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
CreatePropertySheetPageW
FlatSB_SetScrollProp
ord4
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragShowNolock
FlatSB_GetScrollRange
UninitializeFlatSB
ord3
PropertySheetW
PropertySheetA
PropertySheet
ord2
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_Merge
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawEx
ImageList_Draw
CreatePropertySheetPageA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de28a385b796885b73e8c99fcbf4329c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

shlwapi

comctl32

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 228B

.v2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 228B

.v2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB