01cdb8f8955a4df6eebb1aca04d6a43c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

01cdb8f8955a4df6eebb1aca04d6a43c_JaffaCakes118
Size

990KB
MD5

01cdb8f8955a4df6eebb1aca04d6a43c
SHA1

fa0c5567f28806fa7fde8e60083471c98c8eef7c
SHA256

b35cc72677f618874fc109a1a9bb3284869c9de2e54fccfb7367d82a19784c57
SHA512

c16a5149124ea30fe601aeb5930e92f201264c447c26414814b22d77d1088aecacac0d8ad172b27728704d2550112c3e703adff6a3d7a2746b846216bac939cd
SSDEEP

12288:30Gd6nNrZhEHBCKZmQFRgPGUXxviHdFSYfUcGVX1Qg18:kGE1gZmQFmPGUXxviHdFSYfUcGVX6

Score

1^/10

Malware Config

Signatures

Files

01cdb8f8955a4df6eebb1aca04d6a43c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d5301ccda36630bebb94b4758fa56cbe

Code Sign

04
Certificate

Issuer

CN=KISA RootCA 1,OU=Korea Certification Authority Central,O=KISA,C=KR

Not Before

24-08-2005 08:05

Not After

24-08-2025 08:05

Subject

CN=KISA RootCA 1,OU=Korea Certification Authority Central,O=KISA,C=KR

03:af
Certificate

Issuer

CN=yessignCA General Class 2,OU=AccreditedCA,O=yessign,C=kr

Not Before

03-06-2010 15:00

Not After

04-06-2011 14:59

Subject

CN=스카이테크(Skytech),OU=code-sign+OU=20100604000001,O=yessign,C=kr

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

27:84
Certificate

Issuer

CN=KISA RootCA 1,OU=Korea Certification Authority Central,O=KISA,C=KR

Not Before

30-04-2010 01:50

Not After

30-04-2020 01:50

Subject

CN=yessignCA General Class 2,OU=AccreditedCA,O=yessign,C=kr

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\Privacy119분양\PCScan\Release\PCScanMon.pdb

Imports

kernel32

GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetFileType
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
SizeofResource
LockResource
GetCommandLineW
GetEnvironmentStringsW
GetStringTypeW
SetHandleCount
LoadResource
FindResourceW
LoadLibraryW
GetProcAddress
lstrcmpW
lstrcpyW
lstrcpynW
lstrcmpA
LocalFree
FreeLibrary
CloseHandle
OpenProcess
WritePrivateProfileStringW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
GetLastError
MultiByteToWideChar
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
RemoveDirectoryW
DeleteFileW
ExpandEnvironmentStringsW
GetTempPathW
GetLongPathNameW
CreateMutexW
WideCharToMultiByte
lstrlenA
SetLastError
GetModuleHandleW
CreateThread
GetVersionExW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
HeapSize
ExitProcess
HeapReAlloc
RaiseException
RtlUnwind
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
CreateFileW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FindFirstFileW
FindNextFileW
FindClose
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
MulDiv
lstrlenW

user32

DestroyMenu
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
PostQuitMessage
CharUpperW
GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
EndPaint
BeginPaint
GrayStringW
DrawTextExW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
UnregisterClassW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
wsprintfW
IsCharAlphaNumericW
wsprintfA
EnableWindow
SetForegroundWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowTextLengthW
GetSysColor
GetWindowRect
RedrawWindow
GetParent
InvalidateRect
UpdateWindow
GetClientRect
FillRect
OffsetRect
SetCursor
SendMessageW
IsWindow
KillTimer
SetTimer
PostMessageW
LoadIconW
GetSystemMetrics
IsIconic
DrawIcon
GetWindowThreadProcessId
IsWindowVisible
GetNextDlgGroupItem
ReleaseCapture
ClientToScreen
GetDC
DrawFocusRect
DrawEdge
WindowFromPoint
GetCursorPos
GetCapture
GetWindowLongW
DrawTextW
ReleaseDC
SystemParametersInfoW
LoadBitmapW
CopyRect
FindWindowW
LoadCursorW
GetSysColorBrush
SetRect
EnumWindows
GetWindowTextW
GetWindowPlacement

gdi32

SetTextAlign
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
DPtoLP
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
StretchBlt
SelectObject
Rectangle
GetStockObject
BitBlt
SetViewportOrgEx
GetViewportOrgEx
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
CreateSolidBrush

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetKeySecurity
CryptCreateHash
CryptHashData
CryptGetHashParam
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegSetValueExW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegFlushKey
RegCreateKeyExW
CryptDestroyHash
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegOpenKeyExW
RegCloseKey
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

StrStrW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
StrCpyW
StrCmpW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysStringLen
SysAllocStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit
SysFreeString
SysAllocString
GetErrorInfo

netapi32

Netbios

iphlpapi

GetAdaptersInfo

crypt32

CryptUnprotectData

wininet

InternetGetConnectedState
FindNextUrlCacheEntryW
FindCloseUrlCache
DeleteUrlCacheEntryW
FindFirstUrlCacheEntryW

ws2_32

send
closesocket
__WSAFDIsSet
select
connect
htons
socket
gethostbyname
ioctlsocket
WSACleanup
WSAStartup
recv

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 660KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5301ccda36630bebb94b4758fa56cbe

Code Sign

04Certificate

03:afCertificate

Extended Key Usages

Key Usages

27:84Certificate

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

netapi32

iphlpapi

crypt32

wininet

ws2_32

Sections

.text Size: 224KB - Virtual size: 224KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 9KB - Virtual size: 25KB

.rsrc Size: 660KB - Virtual size: 660KB

.reloc Size: 35KB - Virtual size: 34KB

04
Certificate

03:af
Certificate

27:84
Certificate

.text
Size: 224KB - Virtual size: 224KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 9KB - Virtual size: 25KB

.rsrc
Size: 660KB - Virtual size: 660KB

.reloc
Size: 35KB - Virtual size: 34KB