3688e505557c016c415b0d492b3c2d55_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3688e505557c016c415b0d492b3c2d55_JaffaCakes118
Size

40KB
MD5

3688e505557c016c415b0d492b3c2d55
SHA1

f7c0afcdd6c91025059e1fa8a25ebbe087a6ddaa
SHA256

47871d92c302d7bd007857d0043e6aac44b404593b2432a3a724a99b2a92cad4
SHA512

8948849bc997e73969a2599f07312ad1b9ee52405bd5c9af67a383a4e84320af315f7f8104e76363d6ab12c0bec8633dce002b8d4af78b5e4ac1c65b17fc7637
SSDEEP

768:yIEUMxwfNsh89GivwBiCFL04ymE1UQda+V5O9t6Vrm9j4ixfKAjHslK1ycDT:dEwNXBoBzZ0QE1bs+VUMxm9j82

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3688e505557c016c415b0d492b3c2d55_JaffaCakes118

Files

3688e505557c016c415b0d492b3c2d55_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de28a385b796885b73e8c99fcbf4329c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
VirtualAlloc
CreateFileW

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

advapi32

RegOpenKeyExA

shlwapi

SHRegSetPathW
SHSetValueW
SHSkipJunction
StrCSpnIA
StrCSpnIW
StrCatBuffW
StrChrA
StrChrW
StrFormatByteSize64A
StrFormatByteSizeW
StrFromTimeIntervalW
StrIsIntlEqualW
StrPBrkW
StrRChrIA
StrRChrW
StrSpnA
StrStrW
StrToIntExA
StrTrimA
UrlCanonicalizeA
UrlCanonicalizeW
UrlCreateFromPathW
UrlEscapeA
UrlGetLocationA
UrlIsA
UrlUnescapeA
wnsprintfW
wvnsprintfW
SHRegOpenUSKeyA
SHRegGetBoolUSValueW
SHRegEnumUSKeyW
SHRegDeleteUSValueA
SHRegDeleteEmptyUSKeyA
SHRegCloseUSKey
SHQueryValueExA
SHQueryInfoKeyA
SHOpenRegStreamA
SHGetInverseCMAP
SHEnumValueA
SHEnumKeyExW
SHDeleteValueA
SHDeleteEmptyKeyA
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
PathUnquoteSpacesW
PathUndecorateA
PathUnExpandEnvStringsW
PathStripPathW
PathSearchAndQualifyA
PathRemoveExtensionA
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveArgsW
PathRelativePathToA
PathParseIconLocationA
PathMatchSpecW
PathIsURLA
PathIsUNCServerShareA
PathIsSystemFolderA
PathIsSameRootW
PathIsRootW
PathIsPrefixW
PathIsNetworkPathW
PathIsNetworkPathA
PathIsDirectoryEmptyW
PathIsDirectoryA
PathGetCharTypeA
PathGetArgsW
PathFindSuffixArrayW
PathFindNextComponentW
PathFindExtensionA
PathCompactPathW
PathCommonPrefixW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAddBackslashW
IntlStrEqWorkerA
ColorRGBToHLS
ColorAdjustLuma
ChrCmpIW
AssocQueryStringByKeyA
AssocQueryStringA
AssocCreate
SHRegQueryUSValueA

comctl32

CreateStatusWindow
ord6
ord7
CreateToolbarEx
ord16
DestroyPropertySheetPage
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
CreatePropertySheetPageW
FlatSB_SetScrollProp
ord4
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragShowNolock
FlatSB_GetScrollRange
UninitializeFlatSB
ord3
PropertySheetW
PropertySheetA
PropertySheet
ord2
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_Merge
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawEx
ImageList_Draw
CreatePropertySheetPageA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de28a385b796885b73e8c99fcbf4329c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

shlwapi

comctl32

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 228B

.v2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 228B

.v2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB