Static task
static1
Behavioral task
behavioral1
Sample
c1f4ac88767889d9cbd87fead29d7559_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c1f4ac88767889d9cbd87fead29d7559_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
c1f4ac88767889d9cbd87fead29d7559_JaffaCakes118
-
Size
17KB
-
MD5
c1f4ac88767889d9cbd87fead29d7559
-
SHA1
76dfe26d41fe0a80109f577859f6caa6b8e37a5f
-
SHA256
8cf8b205e35c7d42625d075a3bd2d3c3a85c90309d85ef79299a9b84b0c8d9fe
-
SHA512
98ee3bec15d24648831d84e7f176b5189b07d6feb72e14c5f50d8cfb04db739b49f245e397530eead2d451a49496b2679206139ecfcc894aae6f1104b20d0ada
-
SSDEEP
192:UNRGGvX/qRBggZQGKSFaSsGar8ERkgQePtcjYPgvyp+3a15K0+8m4hND3koxYc:UzX/KmSFanY9rLaWa15rxm49
Malware Config
Signatures
-
Unsigned PE 1 IoCs
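The sandbox checks the file for an Authenticode signature and found none. A missing signature is a weak indicator on its own, since many legitimate executables are also unsigned.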
resource c1f4ac88767889d9cbd87fead29d7559_JaffaCakes118
Files
-
c1f4ac88767889d9cbd87fead29d7559_JaffaCakes118.exe windows:5 windows x86 arch:x86
bf8c151593655cae1ae89c0cf4655f48
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetModuleHandleA
msvcrt
memset
user32
LoadBitmapW
advapi32
RegOpenKeyExW
shlwapi
UrlUnescapeA
wvnsprintfW
wnsprintfW
AssocQueryStringByKeyA
AssocQueryStringByKeyW
ChrCmpIA
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
HashData
PathAddBackslashW
PathAddExtensionW
PathAppendA
PathBuildRootA
PathBuildRootW
PathCanonicalizeA
PathCombineA
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathW
PathCreateFromUrlW
PathFindFileNameA
PathFindFileNameW
PathFindOnPathA
PathFindSuffixArrayW
PathGetCharTypeW
PathIsContentTypeA
PathIsDirectoryEmptyW
PathIsFileSpecA
PathIsLFNFileSpecW
PathIsNetworkPathW
PathIsPrefixA
PathIsRelativeW
PathIsSameRootA
PathIsSystemFolderW
PathMakePrettyA
PathMakePrettyW
PathMakeSystemFolderW
PathRemoveBackslashW
PathStripPathA
PathUndecorateA
PathUndecorateW
PathUnmakeSystemFolderA
SHCopyKeyW
SHDeleteEmptyKeyW
SHDeleteValueW
SHGetInverseCMAP
SHOpenRegStream2W
SHQueryValueExW
SHRegCloseUSKey
SHRegEnumUSKeyA
SHRegEnumUSValueW
SHRegGetPathW
SHRegGetUSValueA
SHRegOpenUSKeyA
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
StrCSpnA
StrCSpnIW
StrCatBuffA
StrCatBuffW
StrCmpNIW
StrCpyNW
StrCpyW
StrDupA
StrDupW
StrFormatByteSizeW
StrFormatKBSizeW
StrFromTimeIntervalA
StrIsIntlEqualW
StrPBrkW
StrRChrA
StrRChrIA
StrStrA
StrToIntExA
StrTrimW
UrlApplySchemeA
UrlCanonicalizeW
UrlIsNoHistoryA
UrlIsOpaqueW
version
VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text1 Size: 1024B - Virtual size: 800B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text2 Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 136B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ