46832df9f7b57686f516d70206f75404_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

46832df9f7b57686f516d70206f75404_JaffaCakes118
Size

462KB
MD5

46832df9f7b57686f516d70206f75404
SHA1

b9bea8dd0bdcfd26b0e575fedecda646e980f844
SHA256

87ee5b0b636eda22ef7de0763cdf88a2c6f271db0bb920c636ceeb3a2d88c4ce
SHA512

88a8a348db2c081a6475e4f69f8d3b32a25e921c29c2975e7fa7180dcf8586b2e3b288393eea7a28c582decc203a880230a460bf6813bebde409fdd78515bf4d
SSDEEP

12288:Li9lolmDTpeQiW95OyRrCHTkjrFrU/Owj0Wp91a79Sj:DqT0QimOUccU/Owj9a7A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46832df9f7b57686f516d70206f75404_JaffaCakes118

Files

46832df9f7b57686f516d70206f75404_JaffaCakes118
.exe windows:5 windows x86 arch:x86

706fc3bd1e700107c8dc85480e62fdf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Project\2010_3\keyword_popup\ipopcentral\logoui_check5\Release\ipopcen.pdb

Imports

wininet

HttpSendRequestW
InternetOpenW
InternetConnectW
InternetSetOptionW
HttpOpenRequestW
InternetOpenUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
DeleteUrlCacheEntryW
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW

kernel32

GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
InterlockedDecrement
GetCurrentProcessId
GlobalGetAtomNameW
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetStartupInfoW
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
ExitProcess
SetStdHandle
CompareStringA
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
VirtualAlloc
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
LCMapStringW
GetConsoleCP
GetConsoleMode
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
InterlockedExchange
SuspendThread
ResumeThread
SetThreadPriority
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
GetModuleHandleA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
CreateFileW
GetModuleFileNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LocalAlloc
FreeLibrary
LoadLibraryW
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GetCurrentThreadId
WritePrivateProfileStringW
GetPrivateProfileStringW
Sleep
GetLastError
GetTickCount
GetModuleHandleW
GetProcAddress
GetExitCodeThread
CreateThread
CreateProcessW
GetWindowsDirectoryW
DeleteFileW
lstrlenA
WideCharToMultiByte
CloseHandle
MultiByteToWideChar
CreateEventW
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
SetEvent
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
GetProcessHeap
GetFileType

user32

GetMenuItemInfoW
SystemParametersInfoW
UnregisterClassW
ShowOwnedPopups
SetCursor
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
PostQuitMessage
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
InflateRect
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
TrackPopupMenu
GetKeyState
SetMenu
SetForegroundWindow
GetClientRect
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetDlgCtrlID
CallWindowProcW
CopyRect
PtInRect
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
CharUpperW
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
ReleaseCapture
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
GetSystemMetrics
GetDesktopWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetFocus
GetWindowTextW
UpdateWindow
LoadIconW
DefWindowProcW
EnableWindow
EnumWindows
SetTimer
FindWindowW
LoadCursorW
KillTimer
GetWindowThreadProcessId
IsWindowVisible
GetClassNameW
SendMessageW
FindWindowExW
IsWindow
PostMessageW
MapWindowPoints

gdi32

DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
Escape
ScaleWindowExtEx
CreateCompatibleBitmap
CreateFontIndirectW
GetTextExtentPoint32W
SetWindowExtEx
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
GetObjectW
SetBkColor
SetTextColor
GetClipBox
OffsetViewportOrgEx
SetViewportOrgEx
CreateSolidBrush
GetDeviceCaps
GetPixel
BitBlt
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SelectObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryValueW

shell32

ShellExecuteW
DragFinish
DragQueryFileW
SHGetFileInfoW

shlwapi

UrlGetPartW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW

ole32

CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantClear
VariantChangeType

urlmon

URLDownloadToFileW

ws2_32

closesocket
socket
WSAStartup
shutdown
WSACleanup
htons
inet_addr

Sections

.text
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

706fc3bd1e700107c8dc85480e62fdf0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

urlmon

ws2_32

Sections

.text Size: 358KB - Virtual size: 358KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 11KB - Virtual size: 28KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 358KB - Virtual size: 358KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 11KB - Virtual size: 28KB

.rsrc
Size: 20KB - Virtual size: 20KB