ffcd89d1d35254580dd1929bc4163e05_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffcd89d1d35254580dd1929bc4163e05_JaffaCakes118
Size

696KB
MD5

ffcd89d1d35254580dd1929bc4163e05
SHA1

39ad7447ef42b6af81b05f1e97fb12f17bbe3e56
SHA256

be2c938ab8bb62627d3fd481c4d970fd35af0bbb33d090e0437cd62d07f07237
SHA512

d662e0e6431f8041847e867b2345dd05aff8fec81747e348a13cc7a720636a5c46c2ec357903398441859498ed5e258f32ee54a9b85e3aa3ffed7980001f4d16
SSDEEP

12288:pqVXSTi05uHA+1+cJN7MdfDx2AY8Skw2a7tbCkK6vn+WdD73CzW:pqVUrGA+1NNY55w2a7Hm4HS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffcd89d1d35254580dd1929bc4163e05_JaffaCakes118

Files

ffcd89d1d35254580dd1929bc4163e05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dc42945aaec0a3e3fecef2f669780d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\xizcoj\feta\eeqlud.pdb

Imports

winspool.drv

OpenPrinterA
DocumentPropertiesA
ord204
EnumPrintersA
ClosePrinter

user32

CheckMenuItem
ClientToScreen
SetForegroundWindow
UnionRect
GetSysColorBrush
SetParent
ReleaseCapture
GetDlgItem
DefWindowProcA
DefWindowProcW
GetDlgCtrlID
GetFocus
GetClientRect
InvalidateRect
WaitForInputIdle
RegisterClassW
GetMessagePos
GetDoubleClickTime
GetSubMenu
ShowWindow
SetCursor
MessageBoxA
GetSystemMetrics
MessageBoxW
GetMessageW
DrawIconEx
GetTopWindow
LoadStringW
LoadIconW
BringWindowToTop
GetWindowDC
DrawEdge
CreateWindowExW
LoadCursorW
WindowFromPoint
IsRectEmpty
ScreenToClient
DestroyWindow
RegisterClassExW

oleaut32

LoadTypeLi

gdi32

GetCharWidthFloatA
CreateHalftonePalette
SetPolyFillMode
GetMiterLimit
AnimatePalette
CreateCompatibleBitmap
PolyPolygon
GetAspectRatioFilterEx
WidenPath
GetBrushOrgEx
IntersectClipRect
CreateDiscardableBitmap
DeleteObject
CreateFontA
GetColorAdjustment
MoveToEx
SetTextAlign
PlgBlt
DrawEscape
EndPath
CreateHatchBrush
GetKerningPairsA
GdiComment
SelectClipRgn
AbortPath
GetTextColor
SetArcDirection
DeleteDC
GetROP2
SelectObject
ExtEscape
PolyBezierTo
PolylineTo
GetNearestPaletteIndex
CreateEllipticRgnIndirect
GetRegionData
EnumObjects
SetMiterLimit
AngleArc
BeginPath
GetWindowExtEx
CreatePolyPolygonRgn
GetCharABCWidthsFloatA
GetObjectType
Ellipse

kernel32

GetLastError
SetUnhandledExceptionFilter
GetStringTypeW
CompareStringA
VirtualAlloc
GetEnvironmentStringsW
GetProcAddress
QueryPerformanceCounter
FreeEnvironmentStringsA
GetTimeZoneInformation
HeapCreate
FreeLibrary
GetCommandLineW
CreateMutexW
HeapSize
SetFilePointer
GetSystemInfo
GetStringTypeA
SetStdHandle
WriteFile
EnterCriticalSection
RaiseException
HeapAlloc
HeapDestroy
FlushFileBuffers
GetVersionExA
InitializeCriticalSection
GetDateFormatA
FreeEnvironmentStringsW
ExitProcess
GetTimeFormatA
LoadLibraryA
HeapReAlloc
GetSystemTimeAsFileTime
LoadLibraryW
VirtualQuery
GetModuleFileNameA
TlsGetValue
SetEnvironmentVariableA
DeleteCriticalSection
RtlUnwind
GetFileType
GetCPInfo
SetLastError
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
SetHandleCount
CreateFileW
ReadFile
GetStartupInfoW
GetCurrentProcess
GetACP
TerminateProcess
GetCurrentThreadId
VirtualProtect
GetCurrentProcessId
GetCommandLineA
GetLocaleInfoA
GetModuleHandleA
UnhandledExceptionFilter
HeapFree
FindFirstFileA
LCMapStringA
TlsSetValue
GetModuleFileNameW
GetStdHandle
LeaveCriticalSection
InterlockedExchange
TlsFree
CloseHandle
GetTickCount
GetModuleHandleW
GetOEMCP
VirtualFree
GetEnvironmentStrings
LCMapStringW
TlsAlloc
GetStartupInfoA
IsBadCodePtr

advapi32

RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueExA
RegQueryValueA
RegSetValueA
RegCloseKey

shell32

SHGetSpecialFolderLocation
DragFinish
ShellExecuteA
ExtractIconA

comctl32

ImageList_LoadImageA
ImageList_GetImageCount
ImageList_Draw
ImageList_Create
InitCommonControlsEx

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dc42945aaec0a3e3fecef2f669780d9

Headers

File Characteristics

PDB Paths

Imports

winspool.drv

user32

oleaut32

gdi32

kernel32

advapi32

shell32

comctl32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 468KB - Virtual size: 464KB

.data Size: 104KB - Virtual size: 100KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 468KB - Virtual size: 464KB

.data
Size: 104KB - Virtual size: 100KB

.rsrc
Size: 32KB - Virtual size: 28KB