32d57f3cf2497da78a2e3c0801eebd7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

32d57f3cf2497da78a2e3c0801eebd7b_JaffaCakes118
Size

570KB
MD5

32d57f3cf2497da78a2e3c0801eebd7b
SHA1

39d7dceb75d87af8ceb2fe7271bd839e1041831f
SHA256

151df6af6056f7031a211f7dae86fc31d50dd254fc8f9bdd3cde35b37ab5fd02
SHA512

9f0d14cc861e15ef86a3008d9dcacd305ae57c93ace8677cab4ed85501334e369a542d240e667d23f3d62b3ff90f633632068aff545d70f3e8a5af71f71eec76
SSDEEP

12288:C+V2vOXIvdgERpR0mnSPsVV7eTbmdWBPO/2suo9T0sIN8q:5dIlR0MwCdePO/2+9TlI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32d57f3cf2497da78a2e3c0801eebd7b_JaffaCakes118

Files

32d57f3cf2497da78a2e3c0801eebd7b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9454b199a9aa29757054128b01048f97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\build\360Download\Release\ModuleUpdate.pdb

Imports

kernel32

FindClose
FindNextFileW
FindFirstFileW
TerminateProcess
CopyFileW
CreateMutexW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
GetLongPathNameW
WideCharToMultiByte
GetVersionExW
GetLocalTime
GetFileSizeEx
LoadLibraryW
CreateThread
CreateEventW
WaitForSingleObject
SetEvent
GetFileAttributesExW
UnlockFile
ReadFile
GetFileSize
LockFile
SetFilePointer
WriteFile
GlobalUnlock
GlobalLock
GlobalSize
GetTempPathW
GetTempFileNameW
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
DeleteFileW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
HeapSize
HeapCreate
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapReAlloc
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetFileType
SystemTimeToFileTime
LocalFileTimeToFileTime
SetEndOfFile
SetFilePointerEx
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
ReleaseMutex
CreateFileA
GetSystemTimeAsFileTime
lstrlenA
OutputDebugStringW
DebugBreak
GetProcAddress
CreateFileW
DeviceIoControl
CloseHandle
GetCurrentProcessId
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
Sleep
MultiByteToWideChar
FreeLibrary
InitializeCriticalSection
GetLastError
GetModuleFileNameW
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
lstrlenW
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
RaiseException
GetCurrentThreadId
FormatMessageW
GetSystemTime
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
SetLastError
GetCommandLineW
GetModuleHandleA

user32

IsIconic
IsWindow
UnregisterClassA
MessageBoxW
GetActiveWindow
SetForegroundWindow
DefWindowProcW
ScreenToClient
TrackMouseEvent
SetCursor
GetCursorPos
SetRect
PtInRect
DrawTextW
CallWindowProcW
CopyRect
EndPaint
BeginPaint
GetDC
ReleaseDC
CharLowerW
FindWindowExW
GetWindowThreadProcessId
ShowWindow
RegisterClassExW
LoadCursorW
GetClassInfoExW
CreateWindowExW
GetParent
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsDialogMessageW
SendMessageW
KillTimer
SetTimer
SetWindowPos
SetWindowTextW
GetWindowLongW
IsWindowVisible
InvalidateRect
BringWindowToTop
PostQuitMessage
GetSystemMetrics
LoadImageW
SetLayeredWindowAttributes
GetDlgItem
SetDlgItemTextW
RedrawWindow
GetClientRect
MoveWindow
PostMessageW
CharUpperW
wvsprintfW
GetClassInfoW
RegisterClassW
CharNextW
SetWindowLongW
LoadStringW
DestroyWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CreateDialogParamW
SendMessageTimeoutW
GetWindowTextW

gdi32

LineTo
MoveToEx
StretchBlt
CreatePen
GetObjectW
ExtTextOutW
RestoreDC
SaveDC
SetBkMode
CreateCompatibleBitmap
SetViewportOrgEx
SelectObject
CreateCompatibleDC
DeleteDC
BitBlt
DeleteObject
CreateFontW
EnumFontFamiliesW
SetBkColor
SetStretchBltMode

advapi32

RegQueryValueExA
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteExW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
GetHGlobalFromStream
CoUninitialize
CoTaskMemRealloc

oleaut32

VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
SysAllocString
VarUI4FromStr

shlwapi

PathFileExistsW
SHGetValueW
StrCmpW
PathRemoveFileSpecW
PathAppendW
PathFindFileNameW
PathCombineW
PathIsRelativeW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

TransparentBlt
AlphaBlend

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW

Sections

.text
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mezhaku
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9454b199a9aa29757054128b01048f97

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

version

psapi

Sections

.text Size: 372KB - Virtual size: 371KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 43KB - Virtual size: 43KB

.reloc Size: 58KB - Virtual size: 60KB

mezhaku Size: 6KB - Virtual size: 6KB

.text
Size: 372KB - Virtual size: 371KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 58KB - Virtual size: 60KB

mezhaku
Size: 6KB - Virtual size: 6KB