85e269c1c604404ca2e2b19cf37fa904_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

85e269c1c604404ca2e2b19cf37fa904_JaffaCakes118
Size

741KB
MD5

85e269c1c604404ca2e2b19cf37fa904
SHA1

4ee6344432eaa8a0fbe8f6a78a85dc15ae0fb713
SHA256

b6a3b16420cf0dc84713636ede6882bc7057fae2877eb4c8266575e2c7b47223
SHA512

1aab1694c98ff56b0e14524e6f6c92a667db4b23e13b62f07abb2c4312a860348de86f5f53f0476e3e6696449d824e2fe2f13fddb192c9898e84716f73719d9f
SSDEEP

12288:V8HAgqfmFbAHaXK+mNbBMs+H/AFMrJvDNP5I2vSoyKOwzt:V8HgfmFlXK+iBM6EpPXvSo9Og

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85e269c1c604404ca2e2b19cf37fa904_JaffaCakes118

Files

85e269c1c604404ca2e2b19cf37fa904_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c7fd201b49920bb9079212b9ea577080

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\sho-ta\Projects\TG-Special\1108 Princess Evangile\Contents\evangile.pdb

Imports

shlwapi

PathFileExistsA

kernel32

GetVersionExA
SetCurrentDirectoryA
WriteFile
GetStdHandle
SetPriorityClass
GetCurrentProcess
GetCurrentThreadId
ExitProcess
VirtualAlloc
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
WideCharToMultiByte
IsDBCSLeadByte
MultiByteToWideChar
CreateFileA
DuplicateHandle
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
ResetEvent
WaitForMultipleObjects
CreateMutexA
GlobalUnlock
GlobalLock
GlobalAlloc
TlsAlloc
TlsFree
InterlockedDecrement
SetUnhandledExceptionFilter
InterlockedIncrement
TlsSetValue
TlsGetValue
CreateThread
lstrlenA
Sleep
GetTickCount
ReleaseMutex
GetProcessAffinityMask
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
EncodePointer
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
SetLastError
GetLastError
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
HeapFree
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
RaiseException
HeapAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryW
LCMapStringW
GetStringTypeW
HeapReAlloc
WriteConsoleW
HeapSize
CreateFileW
GetWindowsDirectoryA
CreateDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetDiskFreeSpaceExA
WaitForSingleObject
SetEvent
GetModuleHandleA
GetModuleFileNameA
CloseHandle
CreateEventA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetFullPathNameA

user32

ReleaseCapture
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginPaint
EndPaint
InvalidateRect
UpdateWindow
ShowWindow
ClientToScreen
PostMessageA
GetWindowThreadProcessId
MsgWaitForMultipleObjects
GetMessageA
EnumDisplaySettingsA
ChangeDisplaySettingsA
ClipCursor
RedrawWindow
GetMessagePos
GetKeyState
WindowFromPoint
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
SetForegroundWindow
SetCapture
DispatchMessageA
TranslateMessage
RegisterClassExA
UnregisterClassA
GetClassInfoExA
GetSystemMetrics
SystemParametersInfoA
PeekMessageA
MsgWaitForMultipleObjectsEx
IsWindow
ReleaseDC
FillRect
GetDC
PostQuitMessage
SetTimer
GetClientRect
IsIconic
FindWindowExA
LoadImageA
LoadCursorA
PostThreadMessageA
ValidateRect
DialogBoxParamA
ScreenToClient
SetWindowTextA
GetWindowRect
MoveWindow
SendMessageA
GetDlgItem
GetDlgItemTextA
EndDialog
SetClassLongA
GetClassLongA
RegisterClassA
DestroyWindow
CreateWindowExA
EnableWindow
GetWindowLongA
SetWindowLongA
DefWindowProcA
MessageBoxA
TrackPopupMenu
GetCursorPos
InsertMenuA
CreatePopupMenu
DestroyMenu
RegisterWindowMessageA
SetCursor

shell32

SHGetSpecialFolderPathA
ShellExecuteA
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoUninitialize
CoInitialize
CoCreateInstance

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

imm32

ImmSetOpenStatus
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmAssociateContext
ImmGetContext

gdi32

GetGlyphOutlineW
DeleteDC
GetStockObject
GetCharWidthW
CreateFontIndirectA
EnumFontFamiliesExA
GetDeviceCaps
GetCharABCWidthsA
GetCharABCWidthsW
CreateCompatibleDC
GetTextMetricsA
GetGlyphOutlineA
CreateDIBSection
DeleteObject
SelectObject
SetDIBColorTable
BitBlt
StretchBlt
StretchDIBits
GetCharWidthA

comdlg32

GetSaveFileNameA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA

msacm32

acmStreamOpen
acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmStreamClose

comctl32

ord17

Exports

Exports

eslFreeGlobalHeap
eslGetGlobalHeap
eslHeapAllocate
eslHeapCreate
eslHeapDestroy
eslHeapDump
eslHeapFree
eslHeapGetLength
eslHeapLock
eslHeapReallocate
eslHeapUnlock
eslStackHeapAllocate
eslStackHeapCreate
eslStackHeapDestroy
eslStackHeapFree
glsCloseLibrary
glsCloseTask
glsDisableProcessorType
glsEnableProcessorType
glsGetEnabledProcessorType
glsInitializeLibrary
glsInitializeTask

Sections

.text
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CodeSeg
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DataSeg
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ConstSeg
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7fd201b49920bb9079212b9ea577080

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

shell32

ole32

winmm

imm32

gdi32

comdlg32

advapi32

msacm32

comctl32

Exports

Exports

Sections

.text Size: 372KB - Virtual size: 372KB

CodeSeg Size: 132KB - Virtual size: 131KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 17KB - Virtual size: 26KB

DataSeg Size: 16KB - Virtual size: 16KB

ConstSeg Size: 5KB - Virtual size: 4KB

.rsrc Size: 110KB - Virtual size: 112KB

.text
Size: 372KB - Virtual size: 372KB

CodeSeg
Size: 132KB - Virtual size: 131KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 17KB - Virtual size: 26KB

DataSeg
Size: 16KB - Virtual size: 16KB

ConstSeg
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 110KB - Virtual size: 112KB