fffcd5b17644e6882da39be5bb67365e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fffcd5b17644e6882da39be5bb67365e_JaffaCakes118
Size

399KB
MD5

fffcd5b17644e6882da39be5bb67365e
SHA1

f588514373df6cf0927fd2b685eaf8f2727922cd
SHA256

9a4b1b6421bdd248bb7e0fafa049a8b0bf7577e81d448db69c0b87cd6c6b8c07
SHA512

532f6a2fadc455bb7b60999a5328b391893950f7e6e1a1388d9b3e601642c9a49e154ab3c27d8ecbb1636c777a5eec5a6837d37cce7bd8e2d0e20bc3544e4e87
SSDEEP

12288:2rNvTkpqn+lYsnrlStIOt+VneLxyu9FU0bON:SyFVeLx7vW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fffcd5b17644e6882da39be5bb67365e_JaffaCakes118

Files

fffcd5b17644e6882da39be5bb67365e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d458a5e21540fd64efbecbf28aeb161b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
ChooseFontW
GetOpenFileNameW
LoadAlterBitmap

gdi32

GetWinMetaFileBits
GetCharacterPlacementW
RestoreDC
CreatePatternBrush
GetFontData
GetMetaRgn
SetWindowExtEx
AbortPath
FillRgn
GetTextMetricsA
GetTextMetricsW
CheckColorsInGamut
GetFontLanguageInfo
CreateBrushIndirect
GetCharABCWidthsFloatA
GetDIBColorTable
EnumICMProfilesW
AngleArc
EnumEnhMetaFile
GetEnhMetaFileW
GetMetaFileBitsEx
GetMapMode
SetWorldTransform
GetCharABCWidthsFloatW
GetCharWidthW

wininet

InternetConnectW
RetrieveUrlCacheEntryFileW
InternetTimeFromSystemTimeW
GetUrlCacheEntryInfoA

shell32

ShellAboutA
ExtractAssociatedIconW
SHFileOperationW
RealShellExecuteExW
SHFreeNameMappings
SHFileOperationA
SHAppBarMessage
FindExecutableW
SHLoadInProc
DragQueryFileW
DragQueryFileAorW
SHFormatDrive
SHFileOperation
SHGetFileInfoA
CheckEscapesW
InternalExtractIconListA
ShellAboutW
SHGetFileInfoW
CommandLineToArgvW

kernel32

GetDateFormatA
QueryPerformanceCounter
LeaveCriticalSection
TlsSetValue
GetCommandLineA
VirtualFree
SetEnvironmentVariableA
EnumSystemLocalesA
LoadLibraryA
GetTickCount
InterlockedExchange
RtlUnwind
GetFileType
GetEnvironmentStringsW
GetNamedPipeInfo
IsBadWritePtr
GetTimeZoneInformation
HeapCreate
GetCPInfo
GetCurrentProcess
IsValidCodePage
GetCurrentProcessId
CompareStringA
GetStringTypeA
GetStdHandle
GetProcAddress
GetLocaleInfoA
LCMapStringW
GetSystemInfo
WriteFile
GetStringTypeW
GetOEMCP
InitializeCriticalSection
VirtualAlloc
GetLastError
EnterCriticalSection
GetCurrentThreadId
GetStartupInfoA
HeapFree
SetHandleCount
TlsGetValue
HeapReAlloc
GetUserDefaultLCID
TerminateProcess
TlsAlloc
GetTimeFormatA
DeleteCriticalSection
GetLocaleInfoW
FreeEnvironmentStringsW
HeapSize
LCMapStringA
HeapDestroy
IsValidLocale
TlsFree
FreeEnvironmentStringsA
GetModuleHandleA
HeapLock
SetLastError
GetACP
GetCurrentThread
VirtualQuery
CompareStringW
MultiByteToWideChar
VirtualProtect
ExitProcess
GetEnvironmentStrings
GetVersionExA
EnumDateFormatsExA
GetConsoleCursorInfo
EnumResourceNamesW
WriteConsoleOutputCharacterW
WideCharToMultiByte
HeapAlloc
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetModuleFileNameA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d458a5e21540fd64efbecbf28aeb161b

Headers

File Characteristics

Imports

comdlg32

gdi32

wininet

shell32

kernel32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 272KB - Virtual size: 301KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 272KB - Virtual size: 301KB

.rsrc
Size: 5KB - Virtual size: 5KB