415c529944c8bf1a6eb378575acb5d0f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

415c529944c8bf1a6eb378575acb5d0f_JaffaCakes118
Size

112KB
MD5

415c529944c8bf1a6eb378575acb5d0f
SHA1

48d815429ca87c860f632d340499b9b6528c134f
SHA256

77d4221982a1c20ec54eca376ea88da6248e7e4d13f9c79133c2cea1161c2d00
SHA512

214eb8008121f99bc998c7299749082c1def7f14c8d1f37d664e55e2c51035d439251d1c452a9b01b1eb6457abf636dca0a603cc9ea058c700cf0c2ef1a116c6
SSDEEP

1536:0DOcEQ45k03Bb1Cvc/bnnvIynHqCDAAlcz9JBCOG9ovAT8dMAnrq4Btfgip:M+k03Bb1C0/plWm9h8dM224Btfhp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
415c529944c8bf1a6eb378575acb5d0f_JaffaCakes118

Files

415c529944c8bf1a6eb378575acb5d0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ea1c255ce44e6c09890ecc1e69d956b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MyVC\UpdateWMP\UpdateWMP\Release\YiqilaiLyrics.pdb

Imports

netapi32

Netbios

wininet

InternetReadFile
InternetConnectA
InternetAttemptConnect
InternetCloseHandle
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetCrackUrlA
InternetOpenUrlA
InternetOpenA
HttpQueryInfoA

kernel32

WriteConsoleA
CloseHandle
lstrlenA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
FreeLibrary
WinExec
LoadLibraryA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
SetFileAttributesA
CreateDirectoryA
MultiByteToWideChar
GetSystemDirectoryA
SetEvent
GetModuleFileNameA
WaitForSingleObject
GetTempFileNameA
lstrlenW
OpenProcess
CreateEventA
GetCurrentProcessId
GetConsoleOutputCP
CreateProcessA
OutputDebugStringA
DebugBreak
CreateThread
GetModuleHandleA
RaiseException
DeleteCriticalSection
GetCurrentThreadId
CopyFileA
GetCommandLineA
DeleteFileA
WideCharToMultiByte
GetTempPathA
Sleep
CreateMutexA
GetLastError
SetStdHandle
LCMapStringW
LCMapStringA
GetConsoleMode
WriteConsoleW
FlushFileBuffers
GetStringTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapDestroy
HeapCreate
GetStdHandle
GetTimeZoneInformation
HeapSize
InitializeCriticalSection
GetConsoleCP
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
ExitProcess
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetProcessHeap
GetStartupInfoA
HeapReAlloc
RtlUnwind
GetCPInfo
GetOEMCP
IsValidCodePage

user32

PostThreadMessageA
UnregisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
LoadStringA
CharUpperA
wsprintfA
MessageBoxA

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA

shell32

SHFileOperationA

ole32

CoRevokeClassObject
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoRegisterClassObject

oleaut32

SysStringLen
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
RegisterTypeLi
VariantClear

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ea1c255ce44e6c09890ecc1e69d956b

Headers

File Characteristics

PDB Paths

Imports

netapi32

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 2KB - Virtual size: 2KB