875881c01ad7c93d4bf1d1397bc57eb2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

875881c01ad7c93d4bf1d1397bc57eb2_JaffaCakes118
Size

1.4MB
MD5

875881c01ad7c93d4bf1d1397bc57eb2
SHA1

b5a3782c9835cc2b28b197e77c74151672e7faea
SHA256

2d4e38e1a840c96eae04f5a8e5bf144b55ffb147f53422711b3c223044d214f4
SHA512

fe279fc48559a7ee133541df947bddff5562bad1d898fc25556becc8904ef54aee9d3ecc73f0a158e05904b75aa8d16b3c5d6a948cb6f7dd7c0ecc0e0d2bea1e
SSDEEP

24576:ldhEaTjykIj1W4uYo1DoOVsPTUcjoSOHG:zTk04QYTW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
875881c01ad7c93d4bf1d1397bc57eb2_JaffaCakes118

Files

875881c01ad7c93d4bf1d1397bc57eb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b0f90621a04f97bbafe01f38c86bf8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\WBSogouime_branch_1.6\Bin\SogouWBInput\QuickInput.pdb

Imports

kernel32

LoadLibraryExW
CloseHandle
GetLastError
GlobalUnlock
CreateFileW
GlobalAlloc
WriteFile
GlobalLock
GlobalSize
HeapCreate
HeapDestroy
DeleteCriticalSection
EnterCriticalSection
Sleep
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TlsSetValue
TlsGetValue
SetEndOfFile
HeapAlloc
HeapFree
GetProcessHeap
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FreeLibrary
GetProcAddress
GetCommandLineW
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
GetTempPathW
GetCurrentProcessId
TlsAlloc
TlsFree
InterlockedIncrement
InterlockedCompareExchange
SetFilePointer
CreateProcessW
FormatMessageW
ExitThread
SetLastError
GlobalFree
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
DuplicateHandle
LocalFree
CreateThread
FindFirstFileW
MoveFileExW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryW
WaitForSingleObject
FileTimeToSystemTime
CreateMutexW
OpenMutexW
ReleaseMutex
GetFileSize
ReadFile
FlushFileBuffers
LocalAlloc
LCMapStringW
GetTickCount
GlobalReAlloc
DebugBreak
CreateFileA
HeapReAlloc
GetVersionExA
GetStartupInfoW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetDriveTypeW
GetModuleHandleA
InterlockedDecrement
GetTimeZoneInformation
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetDriveTypeA
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
GetFullPathNameW
GetCurrentDirectoryA
GetTimeFormatA
GetDateFormatA
InitializeCriticalSection
LoadLibraryA
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

SetTimer
LoadImageW
PtInRect
LoadBitmapW
GetDesktopWindow
CallWindowProcW
EnableWindow
TrackMouseEvent
GetWindow
IsWindow
GetClassNameW
GetWindowTextLengthW
SetCursor
GetMonitorInfoW
GetCursor
RedrawWindow
IntersectRect
SetRect
GetAsyncKeyState
SubtractRect
MonitorFromPoint
UpdateLayeredWindow
SwapMouseButton
CreateDialogParamW
EndDialog
DialogBoxParamW
DefWindowProcW
MessageBoxW
GetSystemMetrics
ShowWindow
FindWindowW
PostMessageW
IsIconic
EndPaint
DestroyWindow
IsWindowEnabled
KillTimer
GetScrollInfo
SetScrollInfo
SetCursorPos
ClientToScreen
CloseClipboard
SetWindowRgn
ScreenToClient
SendInput
SetCapture
DrawTextW
EnumClipboardFormats
GetClipboardData
GetWindowTextW
EmptyClipboard
CheckDlgButton
IsDlgButtonChecked
OpenClipboard
ReleaseCapture
SetClipboardData
SetWindowTextW
GetClassLongW
SetClassLongW
GetCursorPos
InflateRect
SetForegroundWindow
GetParent
GetForegroundWindow
SetFocus
OffsetRect
GetWindowLongW
SetWindowLongW
SetWindowPos
FillRect
InvalidateRect
GetWindowRect
GetClientRect
GetDC
ReleaseDC
GetDlgItem
LoadCursorW
RegisterClassExW
CreateWindowExW
BeginPaint
IsWindowVisible
SendMessageW
MoveWindow
SystemParametersInfoW

gdi32

Rectangle
SelectObject
DeleteObject
SetBkMode
RoundRect
CreateRoundRectRgn
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
CreatePen
DeleteDC
SetTextColor
BitBlt
SetBkColor
SelectClipRgn
TextOutW
GetTextExtentExPointW
CreateRectRgn
GetPixel
CreateFontIndirectW
OffsetRgn
GetTextExtentPoint32W
GetTextMetricsW
GetCharABCWidthsFloatW
ExtCreateRegion
CombineRgn
StretchBlt
MoveToEx
LineTo
CreateDIBSection
GetStockObject
CreateSolidBrush

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

imm32

ImmDisableIME

msimg32

GradientFill
AlphaBlend
TransparentBlt

advapi32

RegOpenKeyExW
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
RegCloseKey
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCreateKeyExW
OpenProcessToken

shell32

ShellExecuteW
SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx

Sections

.text
Size: 640KB - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3b0f90621a04f97bbafe01f38c86bf8b

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

version

imm32

msimg32

advapi32

shell32

comctl32

Sections

.text Size: 640KB - Virtual size: 636KB

.rdata Size: 192KB - Virtual size: 188KB

.data Size: 36KB - Virtual size: 756KB

.rsrc Size: 444KB - Virtual size: 441KB

.reloc Size: 56KB - Virtual size: 53KB

.text Size: 12KB - Virtual size: 9KB

.text
Size: 640KB - Virtual size: 636KB

.rdata
Size: 192KB - Virtual size: 188KB

.data
Size: 36KB - Virtual size: 756KB

.rsrc
Size: 444KB - Virtual size: 441KB

.reloc
Size: 56KB - Virtual size: 53KB

.text
Size: 12KB - Virtual size: 9KB