b5d7977f2bed507ab8b3ee13fdeee162_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b5d7977f2bed507ab8b3ee13fdeee162_JaffaCakes118
Size

785KB
MD5

b5d7977f2bed507ab8b3ee13fdeee162
SHA1

8a0aa312994fc8faa291f19171d1c054a5da7e7d
SHA256

890167eae4188ba4271f7d2c0c4a0c27cf6e8aa2f03113f087a16300ae26ba32
SHA512

3fa754728c179abdf754f439d5379a0c63af6386a60c253b32513aa154ed88efd301fa67dcf085b37a000ca47e6a556227f76320f884b2743f7115681d555d03
SSDEEP

12288:wMiezOJDbiexAOcVxfx2q2ix4d90OkNuH8o9EZd:wMiLJDmextcVxfx9md90OkNUJ6P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5d7977f2bed507ab8b3ee13fdeee162_JaffaCakes118

Files

b5d7977f2bed507ab8b3ee13fdeee162_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7634c9aaf5ad4ef6ec9905b5cd6dad34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

z:\autobuilder\builds\DelphiniI-Maint-Pro2\QuickView.ini\Products\QuickView\Release Pro\ACDSeeQVPro2.pdb

Imports

comctl32

_TrackMouseEvent
ImageList_Draw
ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

shellintmgr40

ShlInt_VerifyAssociations_XMLFile
ShlInt_PerformAssociations_XMLFile

msimg32

GradientFill

kernel32

TerminateThread
lstrcatA
WaitForSingleObject
SetThreadPriority
GetCurrentDirectoryA
GlobalUnlock
GlobalLock
SuspendThread
ResumeThread
GetCurrentThread
SetFileTime
FindFirstFileA
FindNextFileA
FindClose
Sleep
GetCurrentProcessId
TlsAlloc
TlsFree
GetCurrentThreadId
TlsGetValue
TlsSetValue
DeleteCriticalSection
SetEvent
FindFirstChangeNotificationA
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
InitializeCriticalSection
SystemTimeToTzSpecificLocalTime
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
FileTimeToSystemTime
CreateEventA
CreateSemaphoreA
ReleaseSemaphore
lstrcpyA
lstrcpynA
GetModuleFileNameA
LoadLibraryA
SetThreadLocale
SetCurrentDirectoryA
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
RaiseException
GetThreadLocale
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
ResetEvent
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
LoadLibraryExA
GetSystemTimeAsFileTime
SetFileAttributesA
QueryPerformanceFrequency
QueryPerformanceCounter
SystemTimeToFileTime
CompareFileTime
FreeResource
LocalFree
FormatMessageA
GetFullPathNameA
GetFileSize
GetProcAddress
GetVersionExA
lstrlenA
lstrcmpiA
MultiByteToWideChar
InterlockedExchange
CreateMutexA
GetLastError
GetTickCount
CloseHandle
FreeLibrary
SetErrorMode
WideCharToMultiByte
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
GetFileTime
MoveFileA
GetUserDefaultLangID
GetACP
lstrcmpA
GetSystemInfo
MulDiv
GlobalAlloc
GlobalFree
DeleteFileA
CreateFileA
GetTempFileNameA

user32

IsRectEmpty
ClientToScreen
DrawFrameControl
TrackPopupMenu
TrackPopupMenuEx
GetMenuItemInfoA
SetMenuItemInfoA
EnumWindows
GetWindowThreadProcessId
MapWindowPoints
GetSubMenu
CallWindowProcA
ScreenToClient
RemoveMenu
GetMenuItemCount
GetMenuStringA
GetClassNameA
GetSysColor
DrawTextA
GetDC
ReleaseDC
GetKeyState
GetFocus
GetCursorPos
SetFocus
LockWindowUpdate
SetWindowPos
KillTimer
GetCursor
SetCursor
CheckMenuItem
GetClassInfoA
RegisterClassA
DestroyMenu
LoadMenuA
MonitorFromWindow
GetMonitorInfoA
EnableMenuItem
LoadBitmapA
SetRect
SetWindowPlacement
GetClientRect
IsWindowVisible
DialogBoxParamA
FillRect
FrameRect
SetWindowLongA
GetWindowLongA
CheckDlgButton
EnableWindow
SetRectEmpty
GetDesktopWindow
SetCursorPos
SetWindowTextA
SetCapture
CharNextA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
PtInRect
InvalidateRgn
ScrollWindowEx
FindWindowA
RegisterClipboardFormatA
IsDialogMessageA
CreateDialogParamA
MessageBeep
ShowCursor
DestroyCursor
InflateRect
DrawFocusRect
GetCapture
GetUpdateRect
EqualRect
SetWindowRgn
UnregisterClassA
GetDlgItem
wsprintfA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItemTextA
EndDialog
IsDlgButtonChecked
InvalidateRect
SetWindowsHookExA
CallNextHookEx
CreateWindowExA
LoadIconA
LoadCursorA
GetClassInfoExA
RegisterClassExA
SetParent
GetParent
IsChild
MoveWindow
ShowWindow
UpdateWindow
DefWindowProcA
BeginPaint
EndPaint
LoadImageA
DestroyIcon
DestroyWindow
UnhookWindowsHookEx
TranslateMessage
DispatchMessageA
PeekMessageA
RegisterWindowMessageA
SendMessageA
GetMessageA
LoadStringA
MessageBoxA
PostQuitMessage
SetTimer
OffsetRect
SystemParametersInfoA
IsIconic
DialogBoxIndirectParamA
IsWindow
SetForegroundWindow
PostMessageA
ReleaseCapture
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CharUpperA
CharLowerA

gdi32

SetTextColor
SetBkMode
GetTextExtentPoint32A
CreatePen
SelectObject
MoveToEx
LineTo
CreateFontIndirectA
CreateSolidBrush
DeleteObject
GetStockObject
GetDIBColorTable
GetObjectA
CreateDIBSection
SetStretchBltMode
SetDIBitsToDevice
SelectPalette
GetPaletteEntries
GetCurrentObject
RealizePalette
BitBlt
CreateCompatibleBitmap
CombineRgn
CreateRectRgn
DeleteEnhMetaFile
SelectClipRgn
SetBrushOrgEx
Rectangle
SetBkColor
PlayEnhMetaFile
SetEnhMetaFileBits
GetEnhMetaFileBits
SetDIBColorTable
StretchBlt
Arc
CreateEllipticRgn
DeleteDC
GetDeviceCaps
RestoreDC
MaskBlt
CreateBitmap
CreateCompatibleDC
SaveDC
CreatePalette

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

advapi32

ReportEventA
RegisterEventSourceA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
DeregisterEventSource

shell32

ExtractIconExA
ShellExecuteA
SHGetFileInfoA
ord4
SHGetMalloc
SHFileOperationA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ord2
SHGetFolderPathA

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

shlwapi

PathFileExistsA
PathAppendA
PathRemoveFileSpecA
PathFindExtensionA
StrStrIA

msvcr80

_CxxThrowException
__CxxFrameHandler3
??2@YAPAXI@Z
malloc
free
calloc
memset
_mbsrchr
sscanf
??_V@YAXPAX@Z
qsort
strrchr
_mbscmp
sprintf
_stat64i32
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
strchr
strstr
atof
memcpy
_mbsstr
floor
_mbsicmp
_splitpath
_mbschr
_endthreadex
_beginthreadex
_CIpow
_purecall
_CIsin
ceil
_aligned_free
_aligned_malloc
_CIsqrt
_CIlog
rand
srand
_CIatan2
_CIlog10
_CIcos
_CIfmod
_CIacos
_CIatan
strncmp
atoi
memmove
_mbsbtype
vsprintf
_stricmp
_stricoll
_strnicoll
isleadbyte
_itoa
strncpy
_mbsnbicmp
_mbslwr_s
__RTDynamicCast
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_vscprintf
memmove_s
memcpy_s
??3@YAXPAX@Z
memchr
printf
realloc
vsprintf_s

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

imagehlp

ImageEnumerateCertificates
ImageGetCertificateHeader
ImageGetCertificateData
ImageGetDigestStream

ole32

CoCreateInstance

Sections

.text
Size: 480KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7634c9aaf5ad4ef6ec9905b5cd6dad34

Headers

File Characteristics

PDB Paths

Imports

comctl32

shellintmgr40

msimg32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcp80

shlwapi

msvcr80

version

imagehlp

ole32

Sections

.text Size: 480KB - Virtual size: 476KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 24KB - Virtual size: 38KB

.tls Size: 4KB - Virtual size: 4B

.rsrc Size: 124KB - Virtual size: 120KB

.2rdata Size: 80KB - Virtual size: 80KB

.text
Size: 480KB - Virtual size: 476KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 24KB - Virtual size: 38KB

.tls
Size: 4KB - Virtual size: 4B

.rsrc
Size: 124KB - Virtual size: 120KB

.2rdata
Size: 80KB - Virtual size: 80KB