ffc1cd703b667720d72f60eb98704bf9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ffc1cd703b667720d72f60eb98704bf9_JaffaCakes118
Size

568KB
MD5

ffc1cd703b667720d72f60eb98704bf9
SHA1

c749618be20c0a2aa04f38bff98b0e8b2006fcfb
SHA256

36b8f6f9493e9e3369934dc8967f139cdd48f481069e238889f79d1a6300f002
SHA512

1bfd0bcae429e7e15d0fe83f2e1f98d5bc5d0323f20f223a86473ddf91a57fce681094d68898c96d97e76d0306087fa3881021753ae598645fffeb4de151f0c5
SSDEEP

12288:rbkVCuokIx6SeUI3qKtGqYbnMFY5FyNNQ9St:rbM6Nx6SeVNm6Yb6sSt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffc1cd703b667720d72f60eb98704bf9_JaffaCakes118

Files

ffc1cd703b667720d72f60eb98704bf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67364659b9ccbf862e2b5bb894d0cfb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\woge

Imports

comdlg32

GetSaveFileNameA
FindTextA
GetSaveFileNameW

user32

CallMsgFilterA
LookupIconIdFromDirectory
DdeInitializeW
GetUserObjectInformationW
GetScrollRange
MapVirtualKeyW
SendNotifyMessageA
RegisterClassA
DlgDirSelectComboBoxExA
RegisterClassExA
DdeFreeStringHandle
OemKeyScan
MsgWaitForMultipleObjectsEx
CreateIconIndirect
LoadAcceleratorsA
SetCaretPos
WindowFromDC
GetMessageExtraInfo
RegisterClipboardFormatW
GetWindowRect
VkKeyScanExA
CreateAcceleratorTableA
DdeQueryStringA
CharLowerA
GetSystemMetrics
IsCharAlphaW
FindWindowExW
EnumDisplayDevicesW
GetClipboardFormatNameW
GetKeyState
SetDlgItemInt
PostQuitMessage
ModifyMenuA
GetMessageW
SendInput
MapVirtualKeyA
GetWindowTextW
GetWindowTextA
KillTimer
SetPropW
CascadeWindows
DrawTextExA
DdeSetUserHandle
InsertMenuItemW
PtInRect
SendDlgItemMessageA
DdeUnaccessData
InternalGetWindowText
FindWindowExA
GetComboBoxInfo
ScrollDC
GetProcessWindowStation
EditWndProc
EmptyClipboard

gdi32

CreatePolyPolygonRgn
SetTextAlign
SelectObject
SetPixel
Rectangle
GetObjectW
GetColorAdjustment
GetTextExtentExPointA
PlayMetaFile
UpdateColors
GetDeviceCaps
GetCurrentObject
DeleteDC
SetEnhMetaFileBits
CreateFontIndirectA
SetBoundsRect
SetViewportExtEx
GetRandomRgn
CreateDCW
SelectClipPath
Polyline
EnumICMProfilesA

kernel32

WaitCommEvent
SetLastError
ReleaseSemaphore
lstrlenW
CreateNamedPipeA
FreeLibraryAndExitThread
GetVersion
ReadFile
VirtualQuery
VirtualProtectEx
WaitNamedPipeA
SetConsoleMode
SetLocaleInfoA
LCMapStringW
LocalLock
EnumCalendarInfoA
HeapFree
lstrcpyW
GetCurrentThreadId
lstrcmpiW
VirtualAllocEx
GetEnvironmentStringsW
GetSystemTimeAsFileTime
FillConsoleOutputCharacterA
TlsFree
OpenMutexA
CompareStringA
SetSystemTime
GetModuleHandleA
FindResourceExW
WideCharToMultiByte
GlobalHandle
PulseEvent
MultiByteToWideChar
SetCurrentDirectoryA
GetUserDefaultLangID
ReadConsoleOutputAttribute
GetStartupInfoW
GetStartupInfoA
LCMapStringA
GetConsoleTitleW
CloseHandle
SetFileTime
WritePrivateProfileStringW
GetSystemDefaultLangID
WriteConsoleInputW
InitializeCriticalSection
RtlUnwind
DosDateTimeToFileTime
TlsAlloc
CompareFileTime
FreeEnvironmentStringsW
GetTempFileNameA
SetFilePointer
GetLastError
GetFileType
GetModuleFileNameW
CreateFileMappingA
ExitProcess
SetConsoleScreenBufferSize
EnterCriticalSection
RemoveDirectoryA
InterlockedIncrement
SetHandleCount
GetConsoleTitleA
GetEnvironmentStrings
OpenProcess
GetModuleFileNameA
GetCurrentThread
GetProcessHeaps
GetCurrentProcess
GetLocalTime
EnumCalendarInfoExW
QueryPerformanceCounter
GetStringTypeW
GetTickCount
LoadLibraryA
ReadConsoleOutputW
SetStdHandle
VirtualFree
GetCurrentProcessId
UnhandledExceptionFilter
GlobalFree
TerminateProcess
InterlockedCompareExchange
HeapCreate
FreeEnvironmentStringsA
GetConsoleOutputCP
DeleteCriticalSection
IsBadWritePtr
GetNumberFormatA
GetSystemTime
HeapReAlloc
GlobalDeleteAtom
CompareStringW
GetStdHandle
InterlockedDecrement
GetTimeZoneInformation
TlsSetValue
SetCurrentDirectoryW
VirtualAlloc
GetCommandLineW
TlsGetValue
CreateMutexA
GetCPInfo
OpenFile
InterlockedExchange
WritePrivateProfileStringA
HeapDestroy
GetThreadLocale
WriteFile
GetTimeFormatA
GetConsoleCP
GetProcAddress
SetEnvironmentVariableA
GlobalUnlock
LeaveCriticalSection
FlushFileBuffers
EnumCalendarInfoExA
HeapAlloc
EnumResourceLanguagesA
GetStringTypeA
GetCommandLineA

wininet

InternetWriteFileExW
InternetSecurityProtocolToStringW
RetrieveUrlCacheEntryFileW
DeleteUrlCacheContainerA
FindNextUrlCacheEntryW

comctl32

InitCommonControlsEx
ImageList_GetImageInfo
ImageList_GetDragImage

advapi32

RegDeleteKeyA

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67364659b9ccbf862e2b5bb894d0cfb5

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

gdi32

kernel32

wininet

comctl32

advapi32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 244KB - Virtual size: 241KB

.data Size: 120KB - Virtual size: 148KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 244KB - Virtual size: 241KB

.data
Size: 120KB - Virtual size: 148KB

.rsrc
Size: 8KB - Virtual size: 7KB