8ca373108d1e351b44e6b2f464c58077_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ca373108d1e351b44e6b2f464c58077_JaffaCakes118
Size

56KB
MD5

8ca373108d1e351b44e6b2f464c58077
SHA1

2fd10f0e8e16e20589b8f4ea8d338243ddd705b2
SHA256

faf843331463a70099b9b8f1a99e641c3e488c0dfc7d0226ce8275f0ddf69187
SHA512

a05c682afbe0eb71c8ab6b453ea70fdbb864bdd9e5c0feab75363e8863d2aa7b40a05c54bce7a05b48b73af5641fb8d6c8b04dbfad487a161b8792ad1d80ecde
SSDEEP

768:a43NaG7ScJP1r/2gXvfymtso+Ra8DAAhrav8LC57h/jGn8OXVKRO3VX9xndd4WvH:hmihaRxAA8B68RROB9xtvyveNx/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ca373108d1e351b44e6b2f464c58077_JaffaCakes118

Files

8ca373108d1e351b44e6b2f464c58077_JaffaCakes118
.dll windows:4 windows x86 arch:x86

720562ef9c65efcf51ef7e7dde1a3b23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHOpenRegStream2A
SHIsLowMemoryMachine
SHGetValueW
SHGetValueA
SHGetThreadRef
SHGetInverseCMAP
SHEnumValueW
SHEnumValueA
SHEnumKeyExW
SHEnumKeyExA
SHDeleteValueW
SHDeleteValueA
SHDeleteKeyW
SHDeleteKeyA
SHDeleteEmptyKeyW
SHDeleteEmptyKeyA
ord16
SHCreateStreamOnFileW
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
SHAutoComplete
PathUnquoteSpacesW
PathUnquoteSpacesA
PathUnmakeSystemFolderW
PathUnmakeSystemFolderA
PathUndecorateW
PathUndecorateA
PathUnExpandEnvStringsW
PathUnExpandEnvStringsA
PathStripToRootW
PathStripToRootA
PathStripPathW
PathStripPathA
PathSkipRootW
PathSkipRootA
PathSetDlgItemPathW
PathSetDlgItemPathA
PathSearchAndQualifyW
PathSearchAndQualifyA
PathRenameExtensionW
PathRenameExtensionA
PathRemoveFileSpecW
PathRemoveFileSpecA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveBackslashA
PathRemoveArgsW
PathRemoveArgsA
PathRelativePathToW
PathRelativePathToA
PathQuoteSpacesW
PathQuoteSpacesA
PathParseIconLocationW
PathParseIconLocationA
PathMatchSpecW
PathMatchSpecA
PathMakeSystemFolderW
PathMakeSystemFolderA
PathMakePrettyW
PathMakePrettyA
PathIsURLW
PathIsURLA
PathIsUNCW
PathIsUNCServerW
PathIsUNCServerShareW
PathIsUNCServerShareA
SHOpenRegStream2W
PathIsUNCA
PathIsSystemFolderW
PathIsSystemFolderA
PathIsSameRootW
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsRelativeW
PathIsRelativeA
PathIsPrefixW
PathIsPrefixA
PathIsNetworkPathW
PathIsNetworkPathA
PathIsLFNFileSpecW
PathIsLFNFileSpecA
PathIsFileSpecW
PathIsFileSpecA
PathIsDirectoryW
PathIsDirectoryEmptyW
PathIsDirectoryEmptyA
PathIsDirectoryA
PathIsContentTypeW
PathIsContentTypeA
PathGetDriveNumberW
PathGetDriveNumberA
PathGetCharTypeW
PathGetCharTypeA
PathGetArgsW
PathGetArgsA
PathFindSuffixArrayW
PathFindSuffixArrayA
PathFindOnPathW
PathFindOnPathA
PathFindNextComponentW
PathFindNextComponentA
PathFindFileNameW
PathFindFileNameA
PathFindExtensionW
PathFindExtensionA
PathFileExistsW
PathFileExistsA
PathCreateFromUrlW
PathCreateFromUrlA
PathCompactPathW
PathCompactPathExW
PathCompactPathExA
PathCompactPathA
PathCommonPrefixW
PathCommonPrefixA
PathCombineW
PathCombineA
PathCanonicalizeW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAppendA
PathAddExtensionW
PathAddExtensionA
PathAddBackslashW
PathAddBackslashA
IntlStrEqWorkerW
IntlStrEqWorkerA
HashData
GetMenuPosFromID
ColorRGBToHLS
ColorHLSToRGB
ColorAdjustLuma
ChrCmpIW
ChrCmpIA
SHOpenRegStreamA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueA
SHRegDeleteUSValueW
SHRegDuplicateHKey
SHRegEnumUSKeyA
SHRegEnumUSKeyW
SHRegEnumUSValueA
SHRegEnumUSValueW
SHRegGetBoolUSValueA
SHRegGetBoolUSValueW
SHRegGetPathA
SHRegGetPathW
SHRegGetUSValueA
SHRegGetUSValueW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegQueryUSValueW
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
SHRegSetUSValueW
SHRegWriteUSValueA
SHRegWriteUSValueW
SHSetThreadRef
SHSetValueA
SHSetValueW
SHStrDupA
SHSkipJunction
PathIsUNCServerA
SHStrDupW

kernel32

LocalSize
FindResourceW
FindResourceExA
HeapFree
GetProcessHeap
HeapAlloc
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateMailslotA
CreateMailslotW
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ContinueDebugEvent
ConvertDefaultLocale
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
Beep
GetFileTime

ole32

OleRun

user32

ChildWindowFromPointEx
ChildWindowFromPoint
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharUpperA
CharToOemW
CharToOemBuffW
CharToOemBuffA
CharToOemA
CharPrevW
CharPrevExA
CharPrevA
CharNextW
CharNextExA
CharNextA
CharLowerW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
ChangeClipboardChain
ReleaseDC

advapi32

RegLoadKeyA

msvcrt

malloc
memset
free

winmm

mmioOpenA

Exports

Exports

bybc

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

720562ef9c65efcf51ef7e7dde1a3b23

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

user32

advapi32

msvcrt

winmm

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 24KB - Virtual size: 113KB

.rsrc Size: 1024B - Virtual size: 808B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 24KB - Virtual size: 113KB

.rsrc
Size: 1024B - Virtual size: 808B

.reloc
Size: 1KB - Virtual size: 1KB