8b617f0a06647e339d8fd278dbe272bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b617f0a06647e339d8fd278dbe272bd_JaffaCakes118
Size

805KB
MD5

8b617f0a06647e339d8fd278dbe272bd
SHA1

8d71a94719f4e654df4120f9541d70eb99f8ad10
SHA256

93e62eb181a2c47984b5a7c5f437f2a1bf891277aaee82a041bfe149e5aefe68
SHA512

627d6137b4c7b07ed0f41466c168a185138ad62473790ca5490f40a0ac5a91d265ced19efb36446b7896c3c68f7e9c367de42759efa9c7b9c4f3ef8d7725993e
SSDEEP

12288:UEKO7DEegB44q622ll9e3uR+n0zJQWMBjBSrNGFg/:xgBK622lR+niKF7SAFg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b617f0a06647e339d8fd278dbe272bd_JaffaCakes118

Files

8b617f0a06647e339d8fd278dbe272bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2a301a254e579918037a6249ae308ae3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\개인의뢰 프로그램\1열매닷컴 판매용\WiniTwtter\Release\WiniTwit_V2.pdb

Imports

kernel32

GetFileSizeEx
GetFileTime
SetErrorMode
GetTickCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapReAlloc
ExitThread
CreateThread
SetStdHandle
GetFileType
ExitProcess
HeapSize
GetACP
IsValidCodePage
VirtualFree
GetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
InterlockedCompareExchange
FileTimeToLocalFileTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetOEMCP
GetCPInfo
GlobalFlags
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
FreeResource
GlobalFree
LocalFree
lstrcpyA
lstrcmpA
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FlushInstructionCache
GetCurrentProcess
RaiseException
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
Sleep
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
CopyFileA
lstrlenA
HeapAlloc
SetLastError
WriteFile
IsDBCSLeadByteEx
SetFilePointer
ReadFile
GetFileSize
CloseHandle
CreateFileA
HeapFree
GetProcessHeap
GetModuleHandleA
FormatMessageA
GetLastError
lstrlenW
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
WritePrivateProfileStringA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
HeapCreate
GetPrivateProfileStringA
IsProcessorFeaturePresent

user32

RegisterClipboardFormatA
PostThreadMessageA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
PostMessageA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetActiveWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetForegroundWindow
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
IsWindow
GetClassNameA
GetSysColor
CharNextA
SetWindowPos
RedrawWindow
GetClassInfoExA
CreateWindowExA
DestroyWindow
CreateAcceleratorTableA
ClientToScreen
GetParent
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
GetClientRect
InvalidateRgn
CallWindowProcA
InvalidateRect
EnableWindow
CharUpperA
GetDC
ReleaseDC
GetDesktopWindow
DestroyAcceleratorTable
GetWindowLongA
SetWindowLongA
DefWindowProcA
LoadCursorA
RegisterClassExA
AppendMenuA
GetSystemMenu
LoadIconA
MessageBoxA
UnregisterClassA
wsprintfA
SendMessageA
MessageBeep
GetNextDlgGroupItem
SetRect
IsRectEmpty
CreateDialogIndirectParamA
CopyAcceleratorTableA
GetSysColorBrush
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
GetWindowThreadProcessId
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CallNextHookEx
ModifyMenuA
EnableMenuItem
CheckMenuItem
ShowWindow
IsDialogMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetActiveWindow
SetWindowsHookExA
LoadBitmapA

gdi32

CreateBitmap
CreateRectRgnIndirect
ExtTextOutA
SaveDC
RestoreDC
SetBkMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
SetBkColor
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetClipBox
SetTextColor
TextOutA
CreateFontA
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
RectVisible
GetDeviceCaps
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
OleUninitialize
CLSIDFromString
CoTaskMemFree
CoCreateGuid
OleRun
CoCreateInstance
OleInitialize
CoInitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantCopy
VariantInit
SysAllocStringLen
GetErrorInfo
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantChangeType
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString

winmm

timeGetTime

wininet

InternetSetOptionA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetQueryDataAvailable
InternetReadFile

Sections

.text
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 37.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cppnqxe
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a301a254e579918037a6249ae308ae3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

winmm

wininet

Sections

.text Size: 334KB - Virtual size: 334KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 22KB - Virtual size: 37.2MB

.rsrc Size: 176KB - Virtual size: 175KB

.reloc Size: 166KB - Virtual size: 168KB

cppnqxe Size: - Virtual size: 4KB

.text
Size: 334KB - Virtual size: 334KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 22KB - Virtual size: 37.2MB

.rsrc
Size: 176KB - Virtual size: 175KB

.reloc
Size: 166KB - Virtual size: 168KB

cppnqxe
Size: - Virtual size: 4KB