ff08893d0b047cd72e3dc181afc9134e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff08893d0b047cd72e3dc181afc9134e_JaffaCakes118
Size

492KB
MD5

ff08893d0b047cd72e3dc181afc9134e
SHA1

5e1607ecc55ff4c1c9aa1949bcbbdb07a3d48b98
SHA256

757b3e6def14d319170b74e90547087e6eec4f986a260de28fab21fdb3731e5e
SHA512

ddfdea84ff054cdbc1727885cf5989db21465e6a2690c5320e4041bd7e4b052433158e99e4a52ac7e4bf1823b1f9a6e8ab201639900c78c08daa5525de7bf66d
SSDEEP

6144:9E2t38Snov+8SG593GIstXBfqTlIoxX5E9RlM19h625XR:9TBDnqSGTH24JbJE349h6C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff08893d0b047cd72e3dc181afc9134e_JaffaCakes118

Files

ff08893d0b047cd72e3dc181afc9134e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2d90e9fa5236980173ce39e86ffc6ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\wrnhyosvc\keepw\tvzndenolw.pdb

Imports

comctl32

ImageList_SetOverlayImage
ImageList_SetFlags
DestroyPropertySheetPage
GetEffectiveClientRect
ImageList_Copy
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_Merge
CreateUpDownControl
InitCommonControlsEx
ImageList_SetIconSize
ImageList_GetIcon
ImageList_LoadImageW
ImageList_SetFilter
ImageList_DragEnter
CreateMappedBitmap
ImageList_GetImageInfo
ImageList_LoadImage
ImageList_GetImageRect
ImageList_Read
ImageList_Duplicate
ImageList_BeginDrag
ImageList_Destroy
DrawInsert
ImageList_Add

shell32

RealShellExecuteA
DoEnvironmentSubstA

comdlg32

PrintDlgW
ChooseFontW
GetSaveFileNameA
ChooseFontA

user32

CallMsgFilterW
SetPropA
RealGetWindowClass
GetWindowWord
ShowScrollBar
MessageBoxW
SetWindowsHookExW
RedrawWindow
ReleaseDC
OpenWindowStationW
RegisterClassA
WINNLSGetIMEHotkey
DestroyWindow
CreateIcon
ShowWindow
VkKeyScanExA
RegisterDeviceNotificationA
RegisterClassExA
CreateDialogParamW
BroadcastSystemMessage
DrawTextW
CreateWindowExA
GetQueueStatus
EnableWindow
RealChildWindowFromPoint
GetScrollInfo
SendMessageTimeoutA
SendNotifyMessageW
ClipCursor
wsprintfA
GetWindowRect
SetKeyboardState
GetPriorityClipboardFormat
DefMDIChildProcW
GetWindowLongW
DefWindowProcA
InsertMenuA
ChildWindowFromPoint

kernel32

SetThreadLocale
EnumResourceTypesW
EnumDateFormatsExA
ExitProcess
TerminateProcess
SetFilePointer
GetModuleFileNameW
LeaveCriticalSection
TlsFree
CopyFileExA
GetSystemInfo
SetEnvironmentVariableA
InterlockedDecrement
GetProfileSectionA
TlsAlloc
GetLocalTime
GetCurrentThreadId
LoadLibraryExA
WriteConsoleOutputW
CreateRemoteThread
FreeEnvironmentStringsW
VirtualFree
LocalShrink
GetEnvironmentStringsW
GetCompressedFileSizeW
GetSystemTime
EnumResourceNamesA
LoadResource
DeleteCriticalSection
GetEnvironmentStrings
VirtualAlloc
TlsGetValue
SetTimeZoneInformation
VirtualQuery
WriteConsoleInputA
ReadConsoleA
LocalCompact
WriteFile
DebugBreak
SetConsoleTextAttribute
OpenMutexA
CloseHandle
EnumSystemLocalesA
ConnectNamedPipe
GetTimeFormatA
RemoveDirectoryW
LoadLibraryA
ReadFileEx
WideCharToMultiByte
MapViewOfFile
GetNumberFormatA
ReadFile
IsBadReadPtr
GetStartupInfoW
GetStringTypeW
GetProcAddress
GetCurrentProcessId
FileTimeToSystemTime
QueryPerformanceCounter
LoadLibraryExW
FreeEnvironmentStringsA
GetCurrentThread
InitializeCriticalSection
InterlockedIncrement
HeapFree
FileTimeToLocalFileTime
MultiByteToWideChar
EnumTimeFormatsA
GetModuleHandleA
GetFileAttributesA
CompareStringW
GetPrivateProfileStructW
GetTimeZoneInformation
UnhandledExceptionFilter
GetCPInfo
SetLastError
GetSystemTimeAsFileTime
GetPrivateProfileSectionNamesW
GetCommandLineA
DeleteFileA
TryEnterCriticalSection
GetModuleFileNameA
GetVersion
IsBadWritePtr
RtlUnwind
DeleteFiber
GetStringTypeA
WriteConsoleOutputCharacterA
GetCurrentProcess
FormatMessageA
SetStdHandle
EnterCriticalSection
CompareStringA
TlsSetValue
GetPrivateProfileStringW
LCMapStringA
SetConsoleTitleW
FlushFileBuffers
LCMapStringW
SetHandleCount
GetCommandLineW
InterlockedExchange
HeapReAlloc
HeapDestroy
CreateDirectoryExA
WriteConsoleOutputA
HeapAlloc
GetStdHandle
HeapCreate
GetFileType
GetFileAttributesW
GetLastError
GetTickCount
FindAtomW
GetStartupInfoA
CreateMutexA

advapi32

LookupPrivilegeNameW
CryptHashSessionKey
RegQueryInfoKeyA
LookupAccountNameW
LookupPrivilegeValueW
RegCloseKey

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2d90e9fa5236980173ce39e86ffc6ff

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

comdlg32

user32

kernel32

advapi32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 104KB - Virtual size: 125KB

.rsrc Size: 104KB - Virtual size: 102KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 104KB - Virtual size: 125KB

.rsrc
Size: 104KB - Virtual size: 102KB