d0520f2cb259532bb27fa7d30c4f36e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d0520f2cb259532bb27fa7d30c4f36e1_JaffaCakes118
Size

633KB
MD5

d0520f2cb259532bb27fa7d30c4f36e1
SHA1

8e9cfd4cffbbde66585638466a132d686798783e
SHA256

49530c2a11a5f278ebe2b1fa542c58aa2c46398765dea0695692da929d13bbc3
SHA512

d3391373f93a598a7ecd9923d96268528e532ba4b188122f43e5045b2aa00aad16b23e9c812c66db50c9ec9cc4f4558ef3de2b3ee38c0c953a4694b6d8ddbfd8
SSDEEP

12288:YAnGDtAT+DeXiNL8pKAxW+i8794lbfudRJ2HBfk+IkyZ/sgJ2uxS:OS+DeXi18p8+i8794lbf8OU7Z/sgIuxS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0520f2cb259532bb27fa7d30c4f36e1_JaffaCakes118

Files

d0520f2cb259532bb27fa7d30c4f36e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b9785eb9a695bb0c0e03da2a97cf9de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\rczip\trunk\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoW
SHGetMalloc
SHBrowseForFolderW

kernel32

SetCurrentDirectoryW
CreateProcessW
GetCurrentDirectoryW
LocalFree
WaitForSingleObject
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetLastError
GetEnvironmentVariableW
GetCurrentProcess
GetCurrentThread
GetCommandLineW
FormatMessageW
GetModuleHandleW
FindResourceW
GetFileAttributesW
DeleteFileW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
InterlockedIncrement
InterlockedDecrement
FindFirstFileW
FindClose
FindNextFileW
FileTimeToSystemTime
SetFileTime
SetEndOfFile
WriteFile
GetFileSize
ReadFile
CreateFileW
SetFilePointer
GetCurrentThreadId
ResumeThread
Sleep
GetACP
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
GetTempFileNameW
GetLongPathNameW
MoveFileW
CloseHandle
GetWindowsDirectoryW
GetFullPathNameW
GetVersionExW
ExpandEnvironmentStringsW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
SetEvent
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetModuleFileNameW
GetTempPathW
WaitForMultipleObjects
CreateEventW
ResetEvent
lstrlenW
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
ExitThread
CreateThread
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError

user32

GetActiveWindow
LoadStringW
GetDesktopWindow
ScreenToClient
GetMessageW
IsDialogMessageW
PostQuitMessage
KillTimer
IsWindowVisible
LoadIconW
EnableWindow
CreateDialogParamW
DispatchMessageW
SetTimer
TranslateMessage
DestroyIcon
IsWindow
SendMessageW
MessageBoxW
GetWindowRect
GetSystemMetrics
PostMessageW
DialogBoxParamW
SetWindowPos
GetWindowTextW
SetWindowTextW
GetDlgItem
EndDialog
ShowWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
CoInitializeEx

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b9785eb9a695bb0c0e03da2a97cf9de

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 268KB - Virtual size: 268KB

.rdata Size: 67KB - Virtual size: 67KB

.data Size: 16KB - Virtual size: 41KB

.rsrc Size: 66KB - Virtual size: 65KB

.text
Size: 268KB - Virtual size: 268KB

.rdata
Size: 67KB - Virtual size: 67KB

.data
Size: 16KB - Virtual size: 41KB

.rsrc
Size: 66KB - Virtual size: 65KB