a22d444470142c5bc5ca8f6cd7d28a18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a22d444470142c5bc5ca8f6cd7d28a18_JaffaCakes118
Size

2.0MB
MD5

a22d444470142c5bc5ca8f6cd7d28a18
SHA1

d741092d52995fa7b3297dcc2681446418b81951
SHA256

824b704fd50571de3880463f6f3d8386bfbf6475dfb04c2871be0d8f345c43d9
SHA512

f44f4e0cfb0e0210e43f5650744863072d1a5f5af1a38dac08f1778f68769662f96d3650f8db3c6593442556411d17ee3e77567e60dfb73ed0e46f9ac4c304c6
SSDEEP

49152:7A32EXUdWgQQo0gyCgra4U7wqDSHoZ+gQO10jXkQIN0zZ0TM:U32EXoWggNura4U5Syl1iBw0GTM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/pmenu.exe

Files

a22d444470142c5bc5ca8f6cd7d28a18_JaffaCakes118
.rar
pmenu.exe
.exe windows:4 windows x86 arch:x86

c8a795fad6d7f01f458865f5088a1384

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
IsBadWritePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
IsValidLocale
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetUnhandledExceptionFilter
IsBadCodePtr
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
GetCurrentDirectoryW
DeleteFileA
WaitForSingleObject
IsValidCodePage
GetExitCodeProcess
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetCurrentProcess
TerminateProcess
HeapReAlloc
HeapFree
HeapAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemTime
GetOEMCP
GetTickCount
GetLastError
Sleep
GetCurrentDirectoryA
CloseHandle
SetEndOfFile
SetFilePointer
MoveFileA
CompareFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
SystemTimeToFileTime
SetFileAttributesA
GetFileAttributesA
GetLocalTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
WriteFile
GetACP
ReadFile
GetFileSize
LocalFree
FormatMessageA
GetFullPathNameW
GetFullPathNameA
GetTempPathW
GetTempPathA
GetModuleFileNameW
GetModuleFileNameA
MoveFileW
CopyFileW
CopyFileA
DeleteFileW
GetFileAttributesW
CreateDirectoryW
CreateDirectoryA
SetCurrentDirectoryW
SetCurrentDirectoryA
SetFileAttributesW
GetFileTime
GetTimeZoneInformation
CreateFileA
CreateFileW
IsBadReadPtr
GetVersionExA
WideCharToMultiByte
GetProcAddress
LoadLibraryA
LocalAlloc
FreeLibrary

user32

SetWindowPos
CreateWindowExW
DialogBoxParamW
LoadCursorA
RegisterClassExW
LoadStringW
TranslateMessage
DispatchMessageA
MessageBoxA
GetDlgItem
SendMessageA
GetMessageA
PostMessageA
SetTimer
GetDlgItemTextA
LoadStringA
DefWindowProcA
DestroyWindow
BeginPaint
EndPaint
SetDlgItemTextW
GetDlgItemTextW
SetWindowTextW
EnableWindow
SetDlgItemTextA
EndDialog
PostQuitMessage
MessageBoxW
GetDesktopWindow
GetWindowRect
CopyRect
OffsetRect

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW

crypt32

CertCloseStore
CertNameToStrA
CertFreeCertificateContext
CryptDecodeObject

ws2_32

WSAGetLastError
socket
inet_addr
gethostbyname
connect
htons
WSAStartup
ioctlsocket
select
closesocket
shutdown
send
recv

wininet

InternetCombineUrlA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetUserNameA

oleaut32

SysAllocString
SysFreeString
SysStringByteLen

Sections

.text
Size: 428KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

c8a795fad6d7f01f458865f5088a1384

Headers

File Characteristics

Imports

kernel32

user32

shell32

crypt32

ws2_32

wininet

advapi32

oleaut32

Sections

.text Size: 428KB - Virtual size: 424KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 96KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 428KB - Virtual size: 424KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 96KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 2KB