70bd0301b268f7d4621e02cba4c17f15_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

70bd0301b268f7d4621e02cba4c17f15_JaffaCakes118
Size

71KB
MD5

70bd0301b268f7d4621e02cba4c17f15
SHA1

074ff54ce513d727c59385dff8df66a310db6c16
SHA256

6ede5520bd997c40644e69698ed34010cb7bd8f4ebd3fc66114e65fdba57f0a9
SHA512

3cc8cddb2f68a2e89a0b6d9c5b1c3bc7eaea98eb09f2344a9334afc471d00d4dda4dde41b48bcc1260e18b8bad18a2e4e8bdc8e4c745d5cb31b9e8f9453b128c
SSDEEP

1536:DBAIqO7PobU68qA6iv74ZUJjw8FqUFHwp2iDgE7P9qnEx2:DOIqO7PobU3v74Ww8rFkv7S02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70bd0301b268f7d4621e02cba4c17f15_JaffaCakes118

Files

70bd0301b268f7d4621e02cba4c17f15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf52c7715729270ed88253683ed5b87d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
LoadLibraryA
GetLastError
GetProcAddress

user32

MapWindowPoints
GetKeyState
LoadAcceleratorsA
EnumDisplaySettingsW
ToAsciiEx
SetUserObjectInformationW
InvertRect
EnumPropsExA
LoadMenuA
GetMenuItemCount
CharNextExA
GetClassWord
ShowCursor
GetPriorityClipboardFormat
GetUpdateRect
DeregisterShellHookWindow
PostQuitMessage
PtInRect
EnumClipboardFormats
MonitorFromPoint
GetMonitorInfoW
DdeQueryConvInfo
GetMessageTime
CreateDesktopA
SetThreadDesktop
GetClassInfoW
GetKeyboardState
ReleaseCapture
DispatchMessageA
TranslateAccelerator
GetClipboardOwner
ReplyMessage
GetClassInfoExW
CreateDialogIndirectParamW
DrawIconEx
CharToOemBuffA
SetWindowsHookExA
EnumWindows
SetLayeredWindowAttributes
WaitMessage
SetDlgItemInt
SetFocus
IsCharAlphaW
GetKBCodePage
SendNotifyMessageW
BeginPaint
ModifyMenuW
IsClipboardFormatAvailable
SetWindowLongW
DdeEnableCallback
SendDlgItemMessageW
GetMonitorInfoA
InSendMessageEx
EnableWindow
GetScrollInfo
SetShellWindow
EnableScrollBar
DefDlgProcW
CreateMDIWindowW
EndTask
IsIconic
IsCharAlphaA
IsWindowUnicode
CharUpperBuffW
DialogBoxParamA
CharLowerA
KillTimer
OemToCharBuffW
SetClipboardData
PeekMessageW
SetMessageExtraInfo
MsgWaitForMultipleObjects
LoadIconA
GetQueueStatus
CharToOemA
UnloadKeyboardLayout
SendMessageTimeoutW
GetKeyboardLayout
MessageBoxA
SetSysColors
RegisterClipboardFormatW
GetClassLongW
EqualRect
SetParent
DeferWindowPos
EnumDisplaySettingsA
wsprintfW
CharToOemW
RegisterClassA
IsDlgButtonChecked

advapi32

RegOpenKeyExA

shlwapi

StrRChrIA
SHRegOpenUSKeyW
UrlApplySchemeA
PathCommonPrefixA
SHRegOpenUSKeyA
StrCmpNA
SHDeleteEmptyKeyA
PathFileExistsA
StrFormatByteSize64A
StrRetToBufW
StrStrW
UrlIsOpaqueW
StrRetToBufA
AssocQueryStringW
StrCmpNW
PathRemoveExtensionW
StrCSpnIW
StrNCatW
SHRegWriteUSValueA
StrFormatKBSizeA
PathGetArgsW
StrCatW
SHGetInverseCMAP
SHRegDeleteEmptyUSKeyW
SHCopyKeyA
StrChrW
PathQuoteSpacesA
PathIsUNCServerW
SHRegDeleteEmptyUSKeyA
PathCombineW
StrFromTimeIntervalA
UrlIsA
StrFormatByteSizeW
StrChrIA
AssocQueryKeyA
PathRemoveBlanksW
PathUnquoteSpacesA
StrIsIntlEqualA
PathIsNetworkPathW
PathFindOnPathW
PathAppendW
PathRemoveExtensionA
SHDeleteEmptyKeyW
PathRemoveArgsA
PathCompactPathExA
PathParseIconLocationA
UrlIsW
PathGetDriveNumberW
PathSkipRootW
SHIsLowMemoryMachine
PathIsUNCServerA
UrlIsNoHistoryW
StrCmpNIW
PathUnmakeSystemFolderA
PathFindExtensionA
PathMakePrettyA
SHEnumKeyExA
SHRegGetBoolUSValueW
AssocQueryStringByKeyW
SHRegEnumUSValueW
StrDupW
UrlCreateFromPathW
AssocQueryStringByKeyA
ChrCmpIA
SHRegQueryUSValueW
StrSpnA
SHEnumValueA
StrPBrkW
PathIsFileSpecA
PathFileExistsW
PathIsRootW
StrTrimA
SHStrDupW
StrCatBuffA
PathRenameExtensionW
SHRegGetBoolUSValueA
PathIsRelativeW
StrChrIW
SHSetThreadRef
SHAutoComplete
SHRegCreateUSKeyA
PathMakeSystemFolderA
UrlCanonicalizeA
wvnsprintfA
SHRegEnumUSValueA
PathFindNextComponentW
PathSearchAndQualifyA
SHRegQueryInfoUSKeyA
SHRegEnumUSKeyA
SHCopyKeyW
PathRemoveBackslashA
StrStrIW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf52c7715729270ed88253683ed5b87d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.d3 Size: 1024B - Virtual size: 1000B

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 40KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1024B - Virtual size: 928B

.text
Size: 3KB - Virtual size: 3KB

.d3
Size: 1024B - Virtual size: 1000B

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 40KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 928B