fe3faaee1cd5c9723c0f8dd7ebcbfe0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe3faaee1cd5c9723c0f8dd7ebcbfe0e_JaffaCakes118
Size

1.9MB
MD5

fe3faaee1cd5c9723c0f8dd7ebcbfe0e
SHA1

26a650710ff6adf4420526225e6b7f4f9ee1baf4
SHA256

26a023c6be33a5696d4c43d69fa6a39aaa2537c993afcc8784c853089f50b1df
SHA512

67cc872f5d156055e94878a94d4eb7f3e54a9b44ff84fb5836425054da168592f875dd1e4648e0c401718538ef522be06c515fc837babc5d2d4101f2a756f0a4
SSDEEP

12288:p7q67ryFE6yQMxi9LrPiXKDYHZaSOZ5QR1dO1tz:laE5xihr6XKLS25Qmz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe3faaee1cd5c9723c0f8dd7ebcbfe0e_JaffaCakes118

Files

fe3faaee1cd5c9723c0f8dd7ebcbfe0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c665c851da78d205b468c8216875701

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Project\withweb\yesfile\Upload_Somon\110.fs0u.net\src_client\up_client\Release\up_client.pdb

Imports

kernel32

RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
ExitThread
CreateThread
GetDriveTypeA
GetStartupInfoA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualQuery
GetStringTypeW
LCMapStringA
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
VirtualAlloc
VirtualProtect
InterlockedExchange
GetOEMCP
GetCPInfo
GlobalFlags
GetCurrentDirectoryA
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
InterlockedIncrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
SuspendThread
GlobalAddAtomA
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
SetLastError
WriteFile
CreateFileA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesA
GetFullPathNameA
GetCommandLineA
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetTickCount
TerminateProcess
lstrcpynA
GlobalReAlloc
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
FreeResource
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
ResumeThread
GlobalAlloc
ResetEvent
FormatMessageA
LocalFree
GetModuleFileNameA
InterlockedDecrement
lstrcpyA
GetSystemInfo
WaitForSingleObject
CreateEventA
SetEvent
EnterCriticalSection
LeaveCriticalSection
CloseHandle
GetCurrentThread
SetThreadPriority
CreateMutexA
Sleep
CreateDirectoryA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeA

user32

GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
GetSysColorBrush
InflateRect
EndPaint
BeginPaint
GetWindowDC
LoadCursorA
DrawIcon
IsRectEmpty
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
MessageBeep
DefWindowProcA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
WaitMessage
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuItemInfoA
SetMenu
BringWindowToTop
SetRectEmpty
CharUpperA
UnregisterClassA
MessageBoxA
GetClassInfoA
EnableWindow
InvalidateRect
SetTimer
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
PostQuitMessage
wsprintfA
GetMenuState
GetMenuItemID
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
LoadMenuA
RegisterClipboardFormatA
GetMenuItemCount
GetSubMenu
CharNextA
ExitWindowsEx
ReplyMessage
SetWindowRgn
FindWindowA
GetSystemMetrics
ReleaseCapture
GetWindowLongA
PostThreadMessageA
GetDlgCtrlID
KillTimer
SendMessageA
PostMessageA
ShowWindow
DestroyMenu
TrackPopupMenu
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
AppendMenuA
CreatePopupMenu
LoadIconA
UpdateWindow
RedrawWindow
SetCursor
GetSysColor
FillRect
ReleaseDC
GetDC
CopyRect
SetRect
OffsetRect
GetClientRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowRect
GetParent
IsWindow
CallWindowProcA
SetWindowLongA
PtInRect
LoadBitmapA
ClientToScreen
GetActiveWindow
WindowFromPoint
SetCapture
GetCapture
TranslateAcceleratorA

gdi32

CreateRectRgnIndirect
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
GetRgnBox
DeleteObject
SetBkMode
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
GetTextColor
GetBkColor
SetTextColor
GetClipBox
Rectangle
CreatePen
CreateDIBSection
ExtCreateRegion
CombineRgn
StretchBlt
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
GetTextExtentPoint32A
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowOrgEx
GetViewportOrgEx
CreateRectRgn
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
BitBlt
GetStockObject
GetObjectA
CreateSolidBrush
CreateFontIndirectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetFileInfoA
DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Draw
ImageList_Destroy
ImageList_GetImageInfo

shlwapi

PathGetArgsA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
UrlUnescapeA
PathFindFileNameA
StrFormatByteSize64A

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CLSIDFromProgID

oleaut32

SysFreeString
SystemTimeToVariantTime
VariantClear
SysAllocStringLen
SysAllocStringByteLen
OleLoadPicture
SysStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayDestroy
SysAllocString

urlmon

URLDownloadToFileA

ws2_32

closesocket
WSAStartup
WSACleanup
send
select
connect
htons
inet_addr
setsockopt
socket
WSAGetLastError
WSASocketA
WSARecv
WSAWaitForMultipleEvents
WSASend
WSAConnect
inet_ntoa
gethostbyname
recv
WSAAsyncSelect
recvfrom
sendto
WSASetLastError
bind
htonl
accept

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 320KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c665c851da78d205b468c8216875701

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

ws2_32

wininet

Sections

.text Size: 320KB - Virtual size: 317KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.text
Size: 320KB - Virtual size: 317KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB