c79c3762b6d2b621c585edbb11ad07fc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c79c3762b6d2b621c585edbb11ad07fc_JaffaCakes118
Size

181KB
MD5

c79c3762b6d2b621c585edbb11ad07fc
SHA1

37687d97e6d09ec13273833131fab08bb9b0e0c3
SHA256

f8bc82f2fa652428bb60cc2786297d752b02224e52a10d5d4e64c4ea0f4950b9
SHA512

11b5e7f1bcaadeb7823f25081938b281213f083ff00c45b373e9ebc6f814e88da98d7684f6c25d553acb80c677a13281c0ccc9e6f85779e7b2b7f020bbb35039
SSDEEP

1536:FbXj9+Wby4TJXzLQmGEpc8ajyw3o9FDrxtF2I/AP+XtGgue2T9gfa7Cy:FLR+0y4TtNEP3o9FD9tTr9Gg7zSb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c79c3762b6d2b621c585edbb11ad07fc_JaffaCakes118

Files

c79c3762b6d2b621c585edbb11ad07fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

682e49bff9cbd2b21bba5a8e59c102b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\svn\QQMusicCli2008_proj\branches\QQMusic2011V7.96.2062.0525\PDB\DMPC_HtmlBrowser.pdb

Imports

wininet

InternetSetCookieW

kernel32

CreateThread
CreateEventW
InterlockedIncrement
InterlockedDecrement
SetEvent
GetCommandLineW
FlushInstructionCache
GetCurrentProcess
SetLastError
TerminateThread
ResetEvent
OpenProcess
SetProcessWorkingSetSize
GetVersion
WaitForMultipleObjects
RaiseException
GetStringTypeW
GetCurrentThreadId
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
DeleteCriticalSection
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
ExitProcess
GetModuleFileNameA
GetStdHandle
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
GetModuleHandleW
Sleep
GetStringTypeA
WaitForSingleObject
TlsGetValue
HeapCreate
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStartupInfoW
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
SetStdHandle
UnhandledExceptionFilter
TerminateProcess
VirtualQuery
GetSystemInfo
GetModuleHandleA
InitializeCriticalSection
GetLocalTime
CreateFileW
SetFilePointer
lstrlenW
WriteFile
CloseHandle
GetModuleFileNameW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetFileType
VirtualProtect
RtlUnwind
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedCompareExchange
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetLastError

user32

SendMessageW
GetDlgItem
EndPaint
BeginPaint
GetWindow
GetClassNameW
AdjustWindowRectEx
UnregisterClassA
GetClientRect
FillRect
CallWindowProcW
GetWindowLongW
GetDesktopWindow
DefWindowProcW
KillTimer
SetTimer
PostMessageW
PostQuitMessage
CreateWindowExW
DestroyWindow
MoveWindow
SetWindowLongW
IsWindow
PostThreadMessageW
GetMessageW
DispatchMessageW
TranslateMessage
CharUpperW
CharNextW
RegisterClassExW
LoadCursorW
GetClassInfoExW
ShowWindow

gdi32

DeleteObject
CreateSolidBrush

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
StringFromCLSID
CoCreateInstance
CoInitializeEx

oleaut32

VariantClear
SysFreeString
SysStringLen
DispCallFunc
VariantInit
SysAllocString
LoadTypeLi
LoadRegTypeLi

shlwapi

PathFileExistsW

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

682e49bff9cbd2b21bba5a8e59c102b8

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 28KB - Virtual size: 26KB