f4eca67301cd473ba014b894c7561ff2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4eca67301cd473ba014b894c7561ff2_JaffaCakes118
Size

1.7MB
MD5

f4eca67301cd473ba014b894c7561ff2
SHA1

5c1a4903d93077ad88861b3d09c7f5c59d616018
SHA256

d0d895362aa6dd39b13d393d64d5d37774089a6c585c9965b78c5e4170739872
SHA512

548b08140de8fecbea945829806d495ddd3be56c438d169e49eca2175480302560e02f16f077ab059e38a18f735d901fcef4d20660e9948623ba087bcc7d4a67
SSDEEP

12288:aQ4qB9BWgdzPGqaHON/dJ7sR1q00OZebnJm99W36O7xhd3Jl6WTAdeH6F0bfiXzd:aQBB2Ka88nmbQ99Wd7xhdZl8Vd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4eca67301cd473ba014b894c7561ff2_JaffaCakes118

Files

f4eca67301cd473ba014b894c7561ff2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

21fb7d8e94d797fc722232cbead8b254

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\Privacy119분양\Inprivacy\Release\Inprivacy.pdb

Imports

kernel32

VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
GetConsoleCP
VirtualProtect
GetTimeZoneInformation
GetSystemInfo
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
HeapSize
lstrlenW
ExitProcess
ExitThread
VirtualAlloc
HeapReAlloc
RaiseException
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
CreateFileW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FindFirstFileW
FindNextFileW
FindClose
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
GetThreadLocale
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
MulDiv
GetNumberFormatW
GetVersionExW
CreateThread
GetModuleHandleW
SetLastError
HeapFree
GetProcessHeap
HeapAlloc
lstrcatW
lstrcatA
GetTempPathA
GetLocalTime
GetVersion
WideCharToMultiByte
GetDriveTypeW
GetLogicalDriveStringsW
lstrlenA
CreateMutexW
CloseHandle
GetLongPathNameW
GetTempPathW
ExpandEnvironmentStringsW
DeleteFileW
RemoveDirectoryW
ResumeThread
MultiByteToWideChar
GetLastError
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
Sleep
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
LocalFree
lstrcmpA
lstrcpynW
lstrcpyW
lstrcmpW
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
LockResource
SizeofResource
GetConsoleMode

user32

SetCapture
InvalidateRgn
SetRect
CopyAcceleratorTableW
UnregisterClassW
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CharUpperW
GetMessageW
TranslateMessage
ValidateRect
CharNextW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
wsprintfW
IsCharAlphaNumericW
wsprintfA
EnableWindow
GetKeyState
SetMenu
IsWindowVisible
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemCount
MessageBeep
RegisterClipboardFormatW
GetNextDlgGroupItem
ReleaseCapture
PostThreadMessageW
GetPropW
GetSysColor
KillTimer
InvalidateRect
SetTimer
PostMessageW
GetClientRect
LoadBitmapW
SetParent
SendMessageW
GetWindowRect
GetParent
RedrawWindow
UpdateWindow
FillRect
OffsetRect
SetCursor
IsWindow
FindWindowW
SetForegroundWindow
DefDlgProcW
LoadCursorW
LoadIconW
IsIconic
GetSystemMetrics
DrawIcon
FrameRect
InflateRect
IsRectEmpty
LoadImageW
DrawEdge
LockWindowUpdate
GetWindowLongW
SetWindowLongW
CopyRect
LoadMenuW
GetSubMenu
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
ClientToScreen
ReleaseDC
GetDC
DrawFocusRect
WindowFromPoint
GetCapture
GetMenuItemID
DrawTextExW

gdi32

GetRgnBox
DPtoLP
GetMapMode
CreateRectRgnIndirect
GetTextColor
GetBkColor
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetTextAlign
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
StretchBlt
DeleteDC
SelectObject
CreatePen
Rectangle
SetViewportOrgEx
GetViewportOrgEx
CreateCompatibleBitmap
CreateFontIndirectW
GetStockObject
GetObjectW
DeleteObject
BitBlt
CreateSolidBrush
CreateCompatibleDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegCreateKeyExW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExA
RegOpenKeyA
RegSetValueExW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegFlushKey
CryptReleaseContext
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegOpenKeyExW
RegCloseKey
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
CryptAcquireContextW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteA
SHGetFileInfoW
ShellExecuteW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

StrCpyW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
StrStrW

oledlg

OleUIBusyW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
SysStringLen
SysAllocStringByteLen
VarDateFromStr
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
SystemTimeToVariantTime
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
GetErrorInfo

netapi32

Netbios

iphlpapi

GetAdaptersInfo

crypt32

CryptUnprotectData

wininet

DeleteUrlCacheEntryW
InternetGetConnectedState
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindCloseUrlCache

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

ws2_32

__WSAFDIsSet
select
send
recv
WSAStartup
WSACleanup
ioctlsocket
inet_addr
gethostbyname
inet_ntoa
socket
htons
closesocket
connect

Sections

.text
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21fb7d8e94d797fc722232cbead8b254

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

netapi32

iphlpapi

crypt32

wininet

version

ws2_32

Sections

.text Size: 443KB - Virtual size: 442KB

.rdata Size: 97KB - Virtual size: 97KB

.data Size: 14KB - Virtual size: 32KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.reloc Size: 54KB - Virtual size: 54KB

.text
Size: 443KB - Virtual size: 442KB

.rdata
Size: 97KB - Virtual size: 97KB

.data
Size: 14KB - Virtual size: 32KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

.reloc
Size: 54KB - Virtual size: 54KB