08ac2dd22e419bda1fe25a3fac756d0f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08ac2dd22e419bda1fe25a3fac756d0f_JaffaCakes118
Size

17KB
MD5

08ac2dd22e419bda1fe25a3fac756d0f
SHA1

d08b788d9da2e682af4fe0883ed44b595fd8e9b3
SHA256

02a1ed77eeb9475c57942b56d61b2803c012b6463a0c60a176abd1c6e5e42e9c
SHA512

ef64e5babbf30aaa944290ce773d20568c7d8be4b40ebcbbd533e1a48ae8bcb123ab9e9b80029617f16f253a1fa628140fd437b6092f0fad61f118c0a430afca
SSDEEP

192:CuvfYgzKqwMRX0SFaiSar8ERkQeZIVObfRaDd35WK8cND3koxYc:C2QgzKqw4X0SFaiFYsOIEfexyc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08ac2dd22e419bda1fe25a3fac756d0f_JaffaCakes118

Files

08ac2dd22e419bda1fe25a3fac756d0f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4d3b60b305f049c57d6db12f207a4127

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

msvcrt

memset

user32

LoadBitmapA

advapi32

RegOpenKeyExW
RegOpenKeyExA

shlwapi

wvnsprintfA
UrlUnescapeW
UrlCompareA
ChrCmpIW
ColorAdjustLuma
GetMenuPosFromID
PathAddBackslashW
PathAddExtensionA
PathCombineW
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathExA
PathCompactPathExW
PathCompactPathW
PathFindFileNameA
PathFindNextComponentA
PathFindSuffixArrayW
PathGetDriveNumberA
PathGetDriveNumberW
PathIsDirectoryA
PathIsFileSpecW
PathIsLFNFileSpecA
PathIsNetworkPathA
PathIsPrefixW
PathIsRelativeW
PathIsSameRootA
PathIsSystemFolderA
PathIsSystemFolderW
PathIsUNCServerA
PathIsUNCServerShareA
PathIsURLW
PathMakeSystemFolderA
PathMatchSpecA
PathMatchSpecW
PathParseIconLocationW
PathQuoteSpacesA
PathRemoveFileSpecA
PathSearchAndQualifyW
PathSetDlgItemPathW
PathStripToRootA
PathStripToRootW
PathUndecorateA
PathUnmakeSystemFolderW
PathUnquoteSpacesA
PathUnquoteSpacesW
SHCopyKeyA
SHCreateStreamOnFileA
SHDeleteEmptyKeyA
SHDeleteValueA
SHEnumKeyExA
SHEnumValueW
SHGetInverseCMAP
SHGetValueA
SHIsLowMemoryMachine
SHOpenRegStream2A
SHQueryInfoKeyW
SHQueryValueExW
SHRegDeleteEmptyUSKeyW
SHRegEnumUSKeyW
SHRegGetBoolUSValueA
SHRegGetUSValueA
SHRegSetPathA
SHRegSetPathW
SHRegWriteUSValueW
SHSetValueA
StrCatW
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCpyNW
StrIsIntlEqualA
StrNCatA
StrRChrA
StrRChrW
StrRStrIA
StrRStrIW
StrRetToBufA
StrSpnA
StrToIntW
UrlApplySchemeW
UrlCombineA
UrlCombineW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d3b60b305f049c57d6db12f207a4127

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

shlwapi

version

Sections

.text Size: 4KB - Virtual size: 4KB

.text1 Size: 1024B - Virtual size: 800B

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 120B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.text1
Size: 1024B - Virtual size: 800B

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 120B

.rsrc
Size: 2KB - Virtual size: 1KB