0d3e3fd44faa32e0d83b02c8b7cff49c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d3e3fd44faa32e0d83b02c8b7cff49c_JaffaCakes118
Size

863KB
MD5

0d3e3fd44faa32e0d83b02c8b7cff49c
SHA1

ee7c5cf5f68ed174e07fed1fc55febe72c313cd4
SHA256

1203693a4ad21c5c12ec157f4ebbede35132188f02de8ce0f3ee6780788dae55
SHA512

edce1d5a90a0313ccd53d82a0d11ca1e87f6ed554a66667e6fbfa7b48ca1d2f1b6dad92604ec7ad28c0138a0e6db9689e3aaea81bc55a3b4ee531bc47f47d17c
SSDEEP

24576:RmfVjt5U9LdcThQMiqBrJ+AcsOk6DZGrhZec5Yax+5dH8q2QbZAf:UfVjtqxdcTh9Bl+AchzDZGlZec5Yax+S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d3e3fd44faa32e0d83b02c8b7cff49c_JaffaCakes118

Files

0d3e3fd44faa32e0d83b02c8b7cff49c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de679f2d6425fb27c732fa3c1dc5360b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\build\360AutoClean\Release\360AutoClean.pdb

Imports

kernel32

FindResourceExW
TerminateProcess
GetCurrentProcess
WritePrivateProfileStringW
FreeLibrary
GlobalFree
LeaveCriticalSection
EnterCriticalSection
GetLastError
MultiByteToWideChar
LoadLibraryExW
InitializeCriticalSection
DeleteCriticalSection
CreateMutexW
SetLastError
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
GlobalReAlloc
Sleep
GlobalMemoryStatus
CreateThread
GetCurrentThread
ExitThread
TerminateThread
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEndOfFile
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetVersion
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
GetModuleFileNameA
WriteFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetTimeZoneInformation
WideCharToMultiByte
GetCurrentDirectoryA
GetFullPathNameW
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
RtlUnwind
GetStartupInfoW
CreateDirectoryW
GetSystemTimeAsFileTime
GetDriveTypeW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
VirtualAlloc
CreateFileW
ReadFile
VirtualFree
SetFilePointer
GetFileSize
SetErrorMode
GetLocalTime
lstrcmpiW
GetPrivateProfileStringW
GetModuleHandleW
GetTickCount
FreeResource
FindResourceW
LoadResource
SizeofResource
LockResource
RaiseException
CloseHandle
ExpandEnvironmentStringsW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
FindClose
FindNextFileW
FindFirstFileW
SetEnvironmentVariableW
GetEnvironmentVariableW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
GetTempPathW
SetEvent
ResetEvent
GetProcAddress
CopyFileW
LoadLibraryW
GetModuleFileNameW
CreateEventW
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
WaitForSingleObject
SetStdHandle

user32

SendMessageW
UnregisterClassA
KillTimer
GetClassLongW
ReleaseDC
GetLastInputInfo
WindowFromPoint
PtInRect
MapWindowPoints
GetClientRect
FillRect
GetCursorPos
DialogBoxIndirectParamW
GetWindowTextLengthW
GetSystemMetrics
GetDC
IntersectRect
EndPaint
BeginPaint
ScreenToClient
GetWindowTextW
IsChild
GetFocus
SetFocus
IsWindow
GetClassNameW
GetSysColor
RedrawWindow
GetClassInfoExW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
InvalidateRgn
CallWindowProcW
GetDesktopWindow
DestroyAcceleratorTable
DefWindowProcW
RegisterClassExW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CharNextW
FindWindowW
GetActiveWindow
AdjustWindowRectEx
EndDialog
SetWindowLongW
SetWindowRgn
FlashWindow
SetForegroundWindow
BringWindowToTop
SetActiveWindow
GetTopWindow
IsZoomed
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
SetWindowPos
MoveWindow
ShowWindow
SetWindowTextW
TrackMouseEvent
SetLayeredWindowAttributes
LoadIconW
DrawTextW
SetCursor
LoadCursorW
DrawIconEx
LoadImageW
GetCapture
SetCapture
ReleaseCapture
PostMessageW
InvalidateRect
OffsetRect
GetParent
UpdateWindow
GetDlgItem
RegisterWindowMessageW
SetTimer

gdi32

CombineRgn
GetStockObject
CreateFontIndirectW
SetStretchBltMode
StretchBlt
SetBkMode
GetTextColor
CreateRectRgn
SetTextColor
GetTextExtentPoint32W
CreateDIBSection
GetObjectW
IntersectClipRect
DeleteDC
DeleteObject
CreateCompatibleBitmap
SelectObject
OffsetViewportOrgEx
SetViewportOrgEx
BitBlt
ExcludeClipRect
GetClipBox
CreateRoundRectRgn
GetDeviceCaps
CreateSolidBrush
TextOutW
CreateCompatibleDC

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW

shell32

ShellExecuteW
SHGetFolderPathW

ole32

CoUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal

oleaut32

SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
GetErrorInfo
OleCreateFontIndirect
VarUI4FromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantInit
SysFreeString
SysStringLen
SysAllocString

shlwapi

PathCombineW
SHGetValueW
StrCpyW
PathAddBackslashW
PathFileExistsW

comctl32

InitCommonControlsEx

msimg32

AlphaBlend

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 362KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdat
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de679f2d6425fb27c732fa3c1dc5360b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

version

Sections

.text Size: 362KB - Virtual size: 364KB

.rdata Size: 82KB - Virtual size: 84KB

.data Size: 15KB - Virtual size: 24KB

.rsrc Size: 145KB - Virtual size: 148KB

.reloc Size: 22KB - Virtual size: 24KB

.rdat Size: 5KB - Virtual size: 5KB

.text
Size: 362KB - Virtual size: 364KB

.rdata
Size: 82KB - Virtual size: 84KB

.data
Size: 15KB - Virtual size: 24KB

.rsrc
Size: 145KB - Virtual size: 148KB

.reloc
Size: 22KB - Virtual size: 24KB

.rdat
Size: 5KB - Virtual size: 5KB