Static task
static1
Behavioral task
behavioral1
Sample: 6a8882c5424095c171509a56e91a1919_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 6a8882c5424095c171509a56e91a1919_JaffaCakes118
Size: 1.7MB
MD5: 6a8882c5424095c171509a56e91a1919
SHA1: 982c8719c82c1daae9228f84a639445944baa38d
SHA256: b12c61e9b40138f512c69ec4d993167613ce55f3abbb67bd2d073239edbfa49a
SHA512: eecdd37af748d291fa6151b4754aec9e78c1684f2d4e75c3e1b3fdcf8b6b6de94dd75f6ef13c9bb68b612d85895f8342f6ac96fd3dfefbd8d15aa9a29f28415c
SSDEEP: 24576:8+EssnENrZ+/i51YxWNrUWKulw8zB5JPhFfgCfcyQ0CpTXjJ:m1AGWKkzB5JJxDcyrCpTTJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a8882c5424095c171509a56e91a1919_JaffaCakes118
Files
6a8882c5424095c171509a56e91a1919_JaffaCakes118.exe windows:4 windows x86 arch:x86
5170757a3ebc61285a9e3a0afbe558c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\DepotRoot\source\Service\PH_Service\NewPatcher\Patcher 필리핀 본섭\GrandChase.pdb
Imports
kernel32
SizeofResource
LockResource
LoadResource
DeleteFileA
lstrcatA
lstrcpyA
GetCurrentDirectoryA
CloseHandle
SetFileTime
SystemTimeToFileTime
CreateFileA
GetSystemTime
MoveFileA
SetFileAttributesA
FindClose
SetCurrentDirectoryA
FindNextFileA
FindFirstFileA
FlushFileBuffers
WriteFile
GetLastError
CreateDirectoryA
GetCommandLineA
GetModuleFileNameA
SetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
CompareStringA
GlobalMemoryStatus
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
ReadFile
FreeLibrary
GetFileAttributesA
GetFileSize
RemoveDirectoryA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
SetEvent
ReleaseMutex
LoadLibraryA
Sleep
GetThreadLocale
GetLocaleInfoA
GetProcessHeap
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetExitCodeProcess
CreatePipe
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
LCMapStringA
GetOEMCP
GetTimeZoneInformation
SetUnhandledExceptionFilter
IsBadWritePtr
FatalAppExitA
GetCurrentProcessId
VirtualFree
HeapCreate
HeapDestroy
GetACP
CreateProcessA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetVersionExA
GetVersion
GetEnvironmentVariableA
GetStringTypeExA
lstrcmpiA
lstrlenA
FormatMessageA
CopyFileA
LocalFree
MulDiv
GlobalFree
FreeResource
GlobalDeleteAtom
InterlockedDecrement
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
SetThreadPriority
ResumeThread
SuspendThread
InterlockedIncrement
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
GlobalFlags
GetFileTime
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetTickCount
SetErrorMode
LocalUnlock
LocalLock
ExitProcess
HeapFree
RtlUnwind
GetSystemTimeAsFileTime
ExitThread
CreateThread
HeapAlloc
HeapReAlloc
TerminateProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetTimeFormatA
GetDateFormatA
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
InterlockedExchange
advapi32
RegOpenKeyExA
RegCreateKeyExA
SetFileSecurityW
GetFileSecurityW
RegFlushKey
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSaveKeyA
RegRestoreKeyA
RegLoadKeyA
RegSetValueExA
user32
OffsetRect
SetWindowPos
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
GetMenu
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
GetForegroundWindow
IsChild
SetFocus
GetFocus
SendDlgItemMessageA
CallNextHookEx
GetCapture
CheckDlgButton
IntersectRect
GetDlgItemInt
SetDlgItemInt
IsDlgButtonChecked
MoveWindow
ShowWindow
ScrollWindowEx
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
IsRectEmpty
SetCursor
GetCursorPos
WindowFromPoint
PostQuitMessage
ShowOwnedPopups
ValidateRect
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
GetDialogBaseUnits
InflateRect
DestroyMenu
SetRect
InvalidateRgn
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
ReuseDDElParam
UnpackDDElParam
GetWindowThreadProcessId
WaitMessage
DeleteMenu
DestroyIcon
GetNextDlgGroupItem
MessageBeep
UnionRect
GetDCEx
LockWindowUpdate
GetSystemMenu
SetParent
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
FillRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
InvalidateRect
MessageBoxA
GetClientRect
GetDC
ReleaseDC
SetWindowRgn
DrawIcon
IsIconic
SetTimer
LoadImageA
EndDialog
GetSystemMetrics
CopyRect
PtInRect
SetCapture
ReleaseCapture
KillTimer
TranslateMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
UnregisterClassA
CharLowerA
GetIconInfo
CharUpperA
CheckRadioButton
gdi32
CreatePatternBrush
DeleteObject
PatBlt
SetBrushOrgEx
CreateDIBPatternBrushPt
CreateDIBSection
GetDIBits
RealizePalette
RestoreDC
SetDIBitsToDevice
SetStretchBltMode
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SaveDC
SetBkColor
CreateBitmap
RectVisible
StretchDIBits
SetTextColor
CombineRgn
CreateRectRgn
GetDeviceCaps
SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
GetTextColor
GetBkColor
GetRgnBox
StretchBlt
SetBkMode
CreateRoundRectRgn
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
GetBoundsRect
CreateSolidBrush
DeleteDC
GetMapMode
SetWindowOrgEx
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
GetDCOrgEx
CreateHatchBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
SetRectRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
shell32
ShellExecuteA
DragFinish
winmm
timeGetTime
wininet
InternetOpenUrlA
InternetQueryDataAvailable
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetCloseHandle
shlwapi
StrCmpW
StrStrIA
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW
ole32
StringFromCLSID
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
CoTreatAsClass
CreateStreamOnHGlobal
OleRegGetUserType
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoCreateInstance
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID
WriteClassStg
oleaut32
SafeArrayAllocData
LoadTypeLi
OleCreateFontIndirect
SafeArrayCreateVector
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDecFromStr
VarBstrFromDec
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
VariantCopy
SafeArrayRedim
SafeArrayAllocDescriptor
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
VariantClear
VariantInit
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType
SysAllocString
SafeArrayUnaccessData
d3d9
Direct3DCreate9
dsound
ord3
comdlg32
CommDlgExtendedError
winspool.drv
ClosePrinter
comctl32
ImageList_LoadImageW
ImageList_Merge
ImageList_Create
ord14
ImageList_Write
ImageList_Read
ord13
ImageList_GetImageInfo
ImageList_Draw
ord17
ImageList_Destroy
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 236KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 28KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 172KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.erdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE