155b0c6e0a77562b49386c85df79c40d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

155b0c6e0a77562b49386c85df79c40d_JaffaCakes118
Size

36KB
MD5

155b0c6e0a77562b49386c85df79c40d
SHA1

8b63a0aaa1534d7bfe185dd87194e9115cbb4265
SHA256

2104f867bff26e1a7fc0ee52e13ba8b19660eb4d802654d62f2e89e55dce7ede
SHA512

ece4d00a9945d2561ef390ef076d6203ca56c4b6bdb2b578fa5b0a565c771c9888c449b9d71c37571402a792cf40abb9e60865b25ddd63df984031917416c482
SSDEEP

768:8IEUMxwfNsh89GivwBiCFL04ymE1UQda+V5O9t6Vrm9j4ixfKA9:rEwNXBoBzZ0QE1bs+VUMxm9j8w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
155b0c6e0a77562b49386c85df79c40d_JaffaCakes118

Files

155b0c6e0a77562b49386c85df79c40d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de28a385b796885b73e8c99fcbf4329c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
VirtualAlloc
CreateFileW

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyExA

shlwapi

SHRegSetPathW
SHSetValueW
SHSkipJunction
StrCSpnIA
StrCSpnIW
StrCatBuffW
StrChrA
StrChrW
StrFormatByteSize64A
StrFormatByteSizeW
StrFromTimeIntervalW
StrIsIntlEqualW
StrPBrkW
StrRChrIA
StrRChrW
StrSpnA
StrStrW
StrToIntExA
StrTrimA
UrlCanonicalizeA
UrlCanonicalizeW
UrlCreateFromPathW
UrlEscapeA
UrlGetLocationA
UrlIsA
UrlUnescapeA
wnsprintfW
wvnsprintfW
SHRegOpenUSKeyA
SHRegGetBoolUSValueW
SHRegEnumUSKeyW
SHRegDeleteUSValueA
SHRegDeleteEmptyUSKeyA
SHRegCloseUSKey
SHQueryValueExA
SHQueryInfoKeyA
SHOpenRegStreamA
SHGetInverseCMAP
SHEnumValueA
SHEnumKeyExW
SHDeleteValueA
SHDeleteEmptyKeyA
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
PathUnquoteSpacesW
PathUndecorateA
PathUnExpandEnvStringsW
PathStripPathW
PathSearchAndQualifyA
PathRemoveExtensionA
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveArgsW
PathRelativePathToA
PathParseIconLocationA
PathMatchSpecW
PathIsURLA
PathIsUNCServerShareA
PathIsSystemFolderA
PathIsSameRootW
PathIsRootW
PathIsPrefixW
PathIsNetworkPathW
PathIsNetworkPathA
PathIsDirectoryEmptyW
PathIsDirectoryA
PathGetCharTypeA
PathGetArgsW
PathFindSuffixArrayW
PathFindNextComponentW
PathFindExtensionA
PathCompactPathW
PathCommonPrefixW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAddBackslashW
IntlStrEqWorkerA
ColorRGBToHLS
ColorAdjustLuma
ChrCmpIW
AssocQueryStringByKeyA
AssocQueryStringA
AssocCreate
SHRegQueryUSValueA

comctl32

CreateStatusWindow
ord6
ord7
CreateToolbarEx
ord16
DestroyPropertySheetPage
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
CreatePropertySheetPageW
FlatSB_SetScrollProp
ord4
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragShowNolock
FlatSB_GetScrollRange
UninitializeFlatSB
ord3
PropertySheetW
PropertySheetA
PropertySheet
ord2
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_Merge
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawEx
ImageList_Draw
CreatePropertySheetPageA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de28a385b796885b73e8c99fcbf4329c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

shlwapi

comctl32

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 228B

.v2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 228B

.v2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB