3df88e7c3abdad4beb349e528a2ff520_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3df88e7c3abdad4beb349e528a2ff520_JaffaCakes118
Size

1.3MB
MD5

3df88e7c3abdad4beb349e528a2ff520
SHA1

41f09dd9096593fcd870e866aebdf5686c24f51e
SHA256

20ef02dfa1322069f119c80dff5d438304ed2a7565b642484bf14ac8ea6d3225
SHA512

009eb310b21713e1fb6e09067508b37b2850165784f75db2b7c5515b4b5e7c7b1b353d7a27e1c3a0d52de4f35ce682c677919469c34d04590bbf449c15522fc7
SSDEEP

24576:DXEuWCZ2o0KjJzJcSD9faBy9TeunR8gEGz4VIeNQ:bEu+McOSBETpEGz4V+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3df88e7c3abdad4beb349e528a2ff520_JaffaCakes118

Files

3df88e7c3abdad4beb349e528a2ff520_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9aeab95f12e49c3b80a2679653a0ee63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\WORK_jh\Launcher_china\China_Release\NeopleLauncher.pdb

Imports

ws2_32

ioctlsocket
bind
htonl
ntohs
gethostname
recvfrom
sendto
select
WSAResetEvent
WSAStartup
htons
inet_addr
closesocket
WSACloseEvent
WSAGetLastError
send
recv
WSACleanup
gethostbyname
inet_ntoa
socket
setsockopt
connect
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents

wininet

HttpQueryInfoA
InternetQueryDataAvailable
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

kernel32

Sleep
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
DeleteFileA
IsDBCSLeadByte
OutputDebugStringA
GetModuleFileNameA
OpenProcess
GetTickCount
WriteFile
CreateFileA
SetCurrentDirectoryA
GlobalFree
GlobalAlloc
MultiByteToWideChar
FreeResource
WideCharToMultiByte
LockResource
LoadResource
SizeofResource
FindResourceA
TerminateThread
ReleaseSemaphore
GetDiskFreeSpaceExA
CreateSemaphoreA
GetProcAddress
lstrlenA
GetPrivateProfileStringA
WritePrivateProfileStringA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetVersionExA
GetCurrentDirectoryA
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetWindowsDirectoryA
GetCurrentThreadId
ReadFile
GetFileSize
CreateProcessA
GetFullPathNameA
CreateMutexA
ResumeThread
SetThreadPriority
SetLastError
SetFilePointer
SetEnvironmentVariableA
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetCommandLineA
MoveFileA
HeapFree
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateThread
ExitThread
RemoveDirectoryA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
LCMapStringW
GetCPInfo
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
GetLastError
LCMapStringA
CloseHandle
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetConsoleCP
GetConsoleMode
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
TlsFree
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetTimeZoneInformation
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FreeLibrary
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
WriteConsoleW
SetEndOfFile
CompareStringA
CompareStringW
LocalAlloc
WaitForMultipleObjects

user32

CheckRadioButton
TrackMouseEvent
SetCapture
ReleaseCapture
GetPropA
SystemParametersInfoA
SetPropA
RemovePropA
FillRect
GetDesktopWindow
ClientToScreen
GetWindowRect
GetWindowTextA
CallWindowProcA
DrawTextA
LoadBitmapA
GetParent
SetWindowPos
GetClassInfoExA
SetWindowRgn
IsWindow
TranslateAcceleratorA
SetTimer
LoadIconA
RegisterClassExA
CreateWindowExA
LoadCursorA
SetCursor
GetSystemMetrics
MoveWindow
SendMessageA
GetClientRect
GetDC
ReleaseDC
InvalidateRect
SetRect
PostMessageA
GetDlgItem
CreateDialogParamA
SetWindowTextA
ShowWindow
UpdateWindow
BeginPaint
EndPaint
DestroyWindow
GetMessageA
GetWindowLongA
SetWindowLongA
PostQuitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
DialogBoxParamA
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
EndDialog
DefWindowProcA

gdi32

DeleteDC
BitBlt
GetObjectA
SelectObject
CreateCompatibleDC
GetStockObject
SetBkMode
DeleteObject
CreateRectRgn
SetTextColor
CreateFontA
CreateSolidBrush
CreateCompatibleBitmap
ExtCreateRegion
GetDIBits
CreateICA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA

shell32

SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoFreeLibrary
CoLoadLibrary
OleCreate
OleSetContainedObject
CoInitialize

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString

shlwapi

PathIsDirectoryA

msimg32

TransparentBlt

bugtrap

BT_SetSupportServer
BT_AppLogEntry
BT_InstallSehFilter
BT_CallCppFilter
BT_SetActivityType
BT_SetFlags
BT_SetAppName
BT_OpenLogFile
BT_AddLogFile
BT_SetLogFlags
BT_ClearLog
BT_GetLogFileName
BT_SetLogSizeInEntries
BT_CloseLogFile

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aeab95f12e49c3b80a2679653a0ee63

Headers

File Characteristics

PDB Paths

Imports

ws2_32

wininet

winmm

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

msimg32

bugtrap

version

Sections

.text Size: 520KB - Virtual size: 519KB

.rdata Size: 97KB - Virtual size: 97KB

.data Size: 15KB - Virtual size: 25KB

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.text
Size: 520KB - Virtual size: 519KB

.rdata
Size: 97KB - Virtual size: 97KB

.data
Size: 15KB - Virtual size: 25KB

.rsrc
Size: 3.0MB - Virtual size: 3.0MB