f5a488441ba107354ef5c39807fab181_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5a488441ba107354ef5c39807fab181_JaffaCakes118
Size

17KB
MD5

f5a488441ba107354ef5c39807fab181
SHA1

dff269d8603023f45bf7ca31c5e57e639828cf60
SHA256

9d33594153ba3b1da49a3bde1895a71cecb2c1050c1fce27d79bd3dadc06aa70
SHA512

1226608245971419e860c693f4ee27f45f8575432d6db3342abc8ab87c44c3dffbfda51a964c55155a33f1a4ffed8f283ea1df52e0b862755a04d4dd9343e7e0
SSDEEP

192:UGRGGvYoqRBggZQGKSFaSsqar8ERkc7yeZIVObfRaDd35WK88hND3koxYc:UeYoKmSFaDYUyOIEfexy89

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5a488441ba107354ef5c39807fab181_JaffaCakes118

Files

f5a488441ba107354ef5c39807fab181_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bf8c151593655cae1ae89c0cf4655f48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

msvcrt

memset

user32

LoadBitmapW

advapi32

RegOpenKeyExW

shlwapi

UrlUnescapeA
wvnsprintfW
wnsprintfW
AssocQueryStringByKeyA
AssocQueryStringByKeyW
ChrCmpIA
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
HashData
PathAddBackslashW
PathAddExtensionW
PathAppendA
PathBuildRootA
PathBuildRootW
PathCanonicalizeA
PathCombineA
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathW
PathCreateFromUrlW
PathFindFileNameA
PathFindFileNameW
PathFindOnPathA
PathFindSuffixArrayW
PathGetCharTypeW
PathIsContentTypeA
PathIsDirectoryEmptyW
PathIsFileSpecA
PathIsLFNFileSpecW
PathIsNetworkPathW
PathIsPrefixA
PathIsRelativeW
PathIsSameRootA
PathIsSystemFolderW
PathMakePrettyA
PathMakePrettyW
PathMakeSystemFolderW
PathRemoveBackslashW
PathStripPathA
PathUndecorateA
PathUndecorateW
PathUnmakeSystemFolderA
SHCopyKeyW
SHDeleteEmptyKeyW
SHDeleteValueW
SHGetInverseCMAP
SHOpenRegStream2W
SHQueryValueExW
SHRegCloseUSKey
SHRegEnumUSKeyA
SHRegEnumUSValueW
SHRegGetPathW
SHRegGetUSValueA
SHRegOpenUSKeyA
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
StrCSpnA
StrCSpnIW
StrCatBuffA
StrCatBuffW
StrCmpNIW
StrCpyNW
StrCpyW
StrDupA
StrDupW
StrFormatByteSizeW
StrFormatKBSizeW
StrFromTimeIntervalA
StrIsIntlEqualW
StrPBrkW
StrRChrA
StrRChrIA
StrStrA
StrToIntExA
StrTrimW
UrlApplySchemeA
UrlCanonicalizeW
UrlIsNoHistoryA
UrlIsOpaqueW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf8c151593655cae1ae89c0cf4655f48

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

shlwapi

version

Sections

.text Size: 4KB - Virtual size: 4KB

.text1 Size: 1024B - Virtual size: 800B

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 136B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.text1
Size: 1024B - Virtual size: 800B

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 136B

.rsrc
Size: 2KB - Virtual size: 1KB