f8d2d23c7b1bbc1711019ff1807af7dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f8d2d23c7b1bbc1711019ff1807af7dd_JaffaCakes118
Size

136KB
MD5

f8d2d23c7b1bbc1711019ff1807af7dd
SHA1

1ec55a1c2136ed417bdc834f8dd07ecf071c70f6
SHA256

d72f1a2d345fa2a601f6496768405f5b627e1a331136342977c848f78be2d208
SHA512

74fe5a9bf420a507818e1ba0b12540c367327725a8fed3484c4b34a69754e6e3a8dc9116dfdafbca612413f60d240d1ef526282ae89001dbe2798e8bbb415815
SSDEEP

3072:tEoVnYPGp3yvtPyzMjnu2ZmW8Dzzbxr3l0Gwg19qrq5Y0W/eyc9p:5XtsrjOJbxrV+sCq5Y0Wmnp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/killer_cdj.exe

Files

f8d2d23c7b1bbc1711019ff1807af7dd_JaffaCakes118
.rar
killer_cdj.exe
.exe windows:4 windows x86 arch:x86

123d294ab47d133dd6b8bf984f44fd57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
SHDeleteValueA
SHDeleteKeyA
SHGetValueA
wnsprintfA
SHSetValueA
PathAppendA

kernel32

GetTickCount
InterlockedDecrement
lstrlenA
MoveFileA
InterlockedIncrement
DebugBreak
OutputDebugStringA
GetTempPathA
RemoveDirectoryA
CreateDirectoryA
CopyFileA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetTempFileNameA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
ExitProcess
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
VirtualFree
CloseHandle
VirtualAlloc
SetFilePointer
ReadFile
GetFileSize
CreateFileA
WriteFile
IsBadReadPtr
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetVersionExA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
SizeofResource
LockResource
AllocConsole
FindResourceA
DeviceIoControl
FreeLibrary
GetFileAttributesExA
TerminateProcess
GetDriveTypeA
GetLogicalDrives
WaitForSingleObject
CreateProcessA
OpenMutexA
GetCommandLineA
FreeResource
WritePrivateProfileStringA
CreateThread
LoadLibraryW
MultiByteToWideChar
IsBadCodePtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetConsoleTitleA
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
GetConsoleWindow
Sleep
FreeConsole
GetModuleFileNameA
LoadLibraryA
GetProcAddress
ExpandEnvironmentStringsA
GetWindowsDirectoryA
GetSystemDirectoryA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
SetFileAttributesA
MoveFileExA
GetFileAttributesA
GetLastError
LocalFree
GetExitCodeProcess
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
HeapReAlloc
HeapCreate
GetEnvironmentVariableA
LCMapStringW
LoadResource
LCMapStringA
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
SetHandleCount
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
SetLastError
TlsAlloc
RaiseException
GetVersion
GetStartupInfoA
GetModuleHandleA
TlsGetValue
TlsSetValue
InterlockedExchange
RtlUnwind
SetStdHandle
GetFileType
HeapFree
HeapAlloc

user32

SetActiveWindow
LoadStringA
MessageBoxA
wvsprintfA
GetActiveWindow
SetForegroundWindow
CharNextA
DestroyWindow
DefWindowProcA
ExitWindowsEx

advapi32

SetNamedSecurityInfoA
QueryServiceStatus
StartServiceA
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegFlushKey
RegCreateKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegLoadKeyA
RegUnLoadKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
GetUserNameA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
GetExplicitEntriesFromAclA
DeleteAce

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

urlmon

URLDownloadToFileA

netapi32

Netbios

wininet

HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

123d294ab47d133dd6b8bf984f44fd57

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

comctl32

version

urlmon

netapi32

wininet

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 24KB - Virtual size: 35KB

.rsrc Size: 280KB - Virtual size: 276KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 24KB - Virtual size: 35KB

.rsrc
Size: 280KB - Virtual size: 276KB