93e910933ebb343d5294a6b3702dfc7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93e910933ebb343d5294a6b3702dfc7f_JaffaCakes118
Size

484KB
MD5

93e910933ebb343d5294a6b3702dfc7f
SHA1

7b046e5665605f014ae9ee279b068ecd878f2890
SHA256

7a5c9dcffb28b330cd2d5641384f837472eb0b0a00051fa65c958e2513c6baa4
SHA512

1aed374fbe46ea09184ffe0c7df6d60b0b998c80090a9e96d22e7a351961f2584c685a3bcb1584faa842967d814e0f80761f235f452d87c57e94ebfa742d7e77
SSDEEP

6144:mkjTxT6v4Byxn6WdgLUEy/iuf2ze+ZdG5B:mk3xTa6yx6HLUv+ze

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93e910933ebb343d5294a6b3702dfc7f_JaffaCakes118

Files

93e910933ebb343d5294a6b3702dfc7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bdb4089bff21d5e4317a45c291cecca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\work\사이트\pcsafe\install\Release\install.pdb

Imports

netapi32

Netbios

iphlpapi

GetAdaptersInfo

kernel32

LockFile
HeapCreate
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
CreateDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
CloseHandle
WriteFile
CreateFileA
GetComputerNameA
DeleteFileA
CreateProcessA
Sleep
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
GetTimeZoneInformation
SetUnhandledExceptionFilter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
lstrcatA
ReadFile
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFullPathNameA
lstrcpyA
WaitForSingleObject
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVolumeInformationA
GetSystemDirectoryA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
GetLastError
GetModuleFileNameA
MultiByteToWideChar
GetFileAttributesA
FindFirstFileA
FindClose
lstrlenA
UnhandledExceptionFilter
GetStdHandle
IsBadWritePtr
GetProcAddress
GetModuleHandleA
lstrcpynA
lstrcmpW
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GlobalFree
SetLastError
InterlockedDecrement
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
SetFilePointer
FlushFileBuffers
HeapDestroy
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
RaiseException
SetErrorMode
WritePrivateProfileStringA
GetTickCount
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualFree

user32

MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetDlgItem
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
ValidateRect
GetCursorPos
GetActiveWindow
GetMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetDesktopWindow
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
PostQuitMessage
SetCursor
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
CharNextA
IsRectEmpty
SetRect
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetParent
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
PtInRect
GetWindow
LoadBitmapA
SendMessageA
PostMessageA
DefWindowProcA
GetClientRect
InvalidateRect
EnableWindow
wsprintfA
FindWindowA
LoadCursorA
LoadIconA
SetCapture
ReleaseCapture
MessageBoxA
CharUpperA
CopyRect
DrawIcon
IsIconic
GetSystemMetrics
TranslateMessage
IsDialogMessageA
DispatchMessageA
PeekMessageA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
CreateFontIndirectA
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetObjectA
CreateCompatibleDC
BitBlt
GetStockObject
SelectObject
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox

advapi32

RegQueryValueA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoInitialize
CoCreateInstance
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CLSIDFromString

comctl32

ord17

shlwapi

PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oledlg

ord8

ws2_32

WSAStartup
WSACleanup

wininet

InternetConnectA
InternetCanonicalizeUrlA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetOpenA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile
InternetCrackUrlA

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

oleaut32

SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantClear
SysAllocStringLen
OleCreateFontIndirect
VariantInit
VariantChangeType

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bdb4089bff21d5e4317a45c291cecca

Headers

File Characteristics

PDB Paths

Imports

netapi32

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

oledlg

ws2_32

wininet

oleacc

winspool.drv

comdlg32

oleaut32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 204KB - Virtual size: 201KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 204KB - Virtual size: 201KB