0f388fb0ca037d4a0ba42ca65e7e9be0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f388fb0ca037d4a0ba42ca65e7e9be0_JaffaCakes118
Size

67KB
MD5

0f388fb0ca037d4a0ba42ca65e7e9be0
SHA1

2986e009ca62b413010b99163e34744a986e8a4b
SHA256

1bca9f625acf963fc181409d8d6cab1a169ccc1e86bec1549bb4b9eb6c802221
SHA512

0d42beec5edef44def55ac3303d0d7ab70a00c1902f5ede51de658bebe70ca3de7d1dbbe53ef787db08a3053b7fbe5a6bd1fce4655049c4bdde8f5a8a73d6e29
SSDEEP

1536:dmGRpIDEXi+GV1P7o3mkMCxXY05ux0VR/g9qX+:dhsEuU3mjC5YPxWR/N+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f388fb0ca037d4a0ba42ca65e7e9be0_JaffaCakes118

Files

0f388fb0ca037d4a0ba42ca65e7e9be0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ff5db779051c57661a5da085239ce27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetComputerNameA

user32

GetSysColorBrush
EndDeferWindowPos
CallWindowProcW
ActivateKeyboardLayout
DrawTextExA
ShowCaret
GetMenuCheckMarkDimensions
ScreenToClient
LoadMenuIndirectW
OemKeyScan
CheckMenuItem
DdeGetData
DdeKeepStringHandle
TrackPopupMenu
CascadeWindows
SetWindowTextW
GetKeyboardState
EndDialog
LoadCursorA
GetSystemMetrics
PostQuitMessage
DrawTextW
DdeQueryNextServer
ModifyMenuA
GetIconInfo
DdeUnaccessData
GetScrollRange
IsCharUpperW
ValidateRgn
DestroyWindow
GrayStringW
DestroyCursor
CharPrevW
ChangeDisplaySettingsExW
ReuseDDElParam
FindWindowA
RegisterHotKey
SetActiveWindow
GetCaretPos
ChildWindowFromPointEx
SetSystemCursor
IMPSetIMEW
SetUserObjectSecurity
ScrollWindowEx
ToAsciiEx
DefDlgProcA
SwapMouseButton
OemToCharA
GetWindowTextLengthA
SetProcessDefaultLayout
LookupIconIdFromDirectoryEx
SetDebugErrorLevel
IsWindowEnabled
SetRectEmpty
GetClipboardFormatNameA
CreateDialogParamA
GetDlgItemTextW
FlashWindow
MonitorFromRect
DlgDirSelectExA
GetWindow
IsClipboardFormatAvailable
DrawIcon
LoadStringA
SendMessageTimeoutA
CreateIconFromResourceEx
CreateIcon
RegisterClassExW
MessageBoxExW
CopyAcceleratorTableW
SetUserObjectInformationA
DeferWindowPos
CloseClipboard
IsRectEmpty
CreateWindowStationW
WINNLSEnableIME
DestroyIcon
ShowWindow
MessageBoxA
EnumWindowStationsW
OemToCharW
ModifyMenuW
GetKBCodePage
GetUserObjectInformationA
GetMenu
FindWindowExA
DlgDirListW
GrayStringA
InvertRect
SetPropW
BeginDeferWindowPos
LoadIconA

advapi32

RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindSuffixArrayW
PathIsRootA
SHRegGetUSValueA
PathIsURLA
SHQueryInfoKeyA
SHRegDeleteUSValueA
StrCpyNW
wvnsprintfW
StrCmpNA
PathRemoveFileSpecA
SHRegEnumUSKeyA
UrlIsNoHistoryW
AssocQueryKeyA
PathGetCharTypeW
StrStrIW
PathIsURLW
SHStrDupA
SHRegSetUSValueA
PathIsUNCServerShareW
SHDeleteKeyA
UrlIsOpaqueW
StrCSpnA
PathCompactPathExW
PathIsUNCA
SHCreateShellPalette
SHGetThreadRef
PathFileExistsA
SHDeleteKeyW
StrFormatKBSizeW
PathUnExpandEnvStringsW
SHGetInverseCMAP
StrTrimA
PathIsDirectoryW
PathUnquoteSpacesW
wnsprintfA
SHCreateStreamOnFileA
StrNCatW
StrCmpNIW
SHSetValueA
PathStripToRootW
ColorHLSToRGB
AssocQueryStringByKeyA
PathCanonicalizeW
SHEnumKeyExW
StrRChrW
PathIsRootW
PathCompactPathA
SHRegQueryUSValueA
SHRegQueryInfoUSKeyW
StrChrIW
PathFindFileNameW
SHRegGetBoolUSValueW
PathIsContentTypeA
SHRegDeleteEmptyUSKeyW
SHOpenRegStreamA
PathCombineW
PathCompactPathExA
PathStripPathA
PathUnquoteSpacesA
StrStrW
PathRelativePathToW
PathIsDirectoryA
StrCmpW
PathIsSystemFolderW
PathIsRelativeW
StrToIntA
UrlCombineA
StrPBrkW
StrFromTimeIntervalW
PathParseIconLocationA
PathUndecorateW
StrCpyW
UrlCompareW
PathIsUNCServerShareA
ord16
AssocQueryStringByKeyW
SHQueryValueExW
PathIsSameRootW
StrRStrIW
SHStrDupW
SHRegSetPathW
StrRChrIW
SHRegOpenUSKeyW
PathRemoveBackslashA
UrlCanonicalizeA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ff5db779051c57661a5da085239ce27

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 40KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1024B - Virtual size: 904B

.text
Size: 3KB - Virtual size: 3KB

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 40KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 904B