419e0bfca49d70fb6c771cb2628ffafb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

419e0bfca49d70fb6c771cb2628ffafb_JaffaCakes118
Size

36KB
MD5

419e0bfca49d70fb6c771cb2628ffafb
SHA1

e365a896597a044b310dc7d9a6539a3510e27e2f
SHA256

b94ebecd19c68dbddb505b333b4dadcf684b90f86cd5d971ec240d945e33fa4b
SHA512

3461dab49d165433a11ec53fee89748634ff4abc8e9ee110f53d01e1eca7fbd0ca13e5d3d1a1b038fee753a8a1c85cae7afefa6f8c602391cf635aba77937f47
SSDEEP

768:hIl2opNKHIAdCHkn5F6he8+WEfWAsA+m828b/CASnLd3z1pTho:hIgo3KHIsIa2d+FuALOdBSnL1q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/win32pad.exe

Files

419e0bfca49d70fb6c771cb2628ffafb_JaffaCakes118
.rar
WIN32PAD.HLP
history.txt
readme.txt
win32pad.cnt
win32pad.exe
.exe windows:4 windows x86 arch:x86

95aa5ebb92f3986d62ff35547e7bad27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

CreateToolbarEx
InitCommonControls
PropertySheetA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
FindTextA
GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
ReplaceTextA

gdi32

AbortDoc
CreateFontIndirectA
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
EndDoc
EndPage
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32A
SelectObject
SetBkColor
SetTextColor
StartDocA
StartPage

kernel32

AddAtomA
CloseHandle
CreateDirectoryA
CreateFileA
ExitProcess
FindAtomA
FindClose
FindFirstFileA
FormatMessageA
FreeLibrary
GetAtomNameA
GetCommandLineA
GetDateFormatA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetStartupInfoA
GetTimeFormatA
GetVersionExA
GlobalAlloc
GlobalFree
LoadLibraryExA
LocalFree
MulDiv
MultiByteToWideChar
ReadFile
SetEndOfFile
SetFilePointer
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_access
_cexit
_iob
_itoa
_onexit
_setmode
_stat
abort
atexit
atol
free
malloc
memchr
memset
signal
strchr
strncat
strrchr

shell32

DragAcceptFiles
DragQueryFileA
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

shfolder

SHGetFolderPathA

user32

CallWindowProcA
CheckMenuItem
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EndDialog
FillRect
FindWindowA
FindWindowExA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetKeyState
GetMenu
GetMenuItemID
GetMessageA
GetParent
GetSubMenu
GetSysColor
GetSysColorBrush
GetUpdateRect
GetWindowPlacement
GetWindowRect
GetWindowTextA
InsertMenuItemA
InvalidateRect
IsDialogMessageA
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadMenuA
LoadStringA
MessageBeep
MessageBoxA
MoveWindow
OpenClipboard
PostMessageA
PostQuitMessage
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemoveMenu
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetClipboardData
SetCursor
SetDlgItemInt
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetScrollPos
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

95aa5ebb92f3986d62ff35547e7bad27

Headers

File Characteristics

Imports

comctl32

comdlg32

gdi32

kernel32

msvcrt

shell32

shfolder

user32

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 272B

.bss Size: - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 272B

.bss
Size: - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 10KB - Virtual size: 10KB