d:\Working\_Project\통합 검색기\실시간 검색기\Release\RealTimeSearch.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2f88bf4983c5f31a7d03a774b01fa020_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2f88bf4983c5f31a7d03a774b01fa020_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2f88bf4983c5f31a7d03a774b01fa020_JaffaCakes118
Size
572KB
MD5
2f88bf4983c5f31a7d03a774b01fa020
SHA1
6a4adb69ed6e9ffa7ce6c396f9ae09193f27169f
SHA256
e831657dd7462b66a9d33e81a70c4a047c96dc8941bfbbea965d9182f9eed5ec
SHA512
a9909d476891ef3880964302602a27a943449a33526c5da12520d6c16921303f38fc38aa32d640e5c7a0f82a0ad1005d6f11d2fc1ac1c882a77c7a2ca9b55f54
SSDEEP
12288:XrGR8IBncsg33rH/5mqnmcyOq5c8YLOMh9wEzxMku5nu3:XraHcsgnpyOq5c8YLOMXwEzxMku5nu3
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2f88bf4983c5f31a7d03a774b01fa020_JaffaCakes118
Files
2f88bf4983c5f31a7d03a774b01fa020_JaffaCakes118.exe windows:4 windows x86 arch:x86
5d82efc5bd4c646039c82add71761cce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
HeapFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
HeapAlloc
RtlUnwind
ExitProcess
SetErrorMode
GetFileTime
GetFileAttributesA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FindFirstFileA
FindClose
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
WritePrivateProfileStringA
GetCurrentThread
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
InterlockedDecrement
InterlockedIncrement
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GlobalAlloc
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CompareStringW
CompareStringA
lstrlenA
GetVersion
GetLastError
RaiseException
MultiByteToWideChar
lstrcpyA
lstrcmpiA
TerminateProcess
CloseHandle
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
Sleep
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualFree
InterlockedExchange
user32
PostThreadMessageA
ReleaseCapture
SetCapture
InvalidateRgn
CopyAcceleratorTableA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
ValidateRect
wsprintfA
CharNextA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
GetWindowPlacement
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
UnregisterClassA
CharUpperA
GetSystemMetrics
InvalidateRect
UpdateWindow
IsIconic
GetSystemMenu
LoadMenuA
GetSubMenu
AppendMenuA
DrawIcon
LoadBitmapA
PeekMessageA
TranslateMessage
DispatchMessageA
GetClassInfoA
DefWindowProcA
LoadCursorA
GetCursorPos
WindowFromPoint
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
IsChild
ChildWindowFromPointEx
GetActiveWindow
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
SetWindowRgn
OffsetRect
InflateRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
CopyRect
GetSysColor
SystemParametersInfoA
DrawStateA
IsWindow
LoadIconA
KillTimer
SetTimer
PostMessageA
SendMessageA
EnableWindow
GetWindowTextA
gdi32
ExtSelectClipRgn
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
GetMapMode
GetRgnBox
SetMapMode
SetROP2
SetBkMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
DeleteObject
CreateFontIndirectA
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
GetDeviceCaps
GetTextMetricsA
BitBlt
FrameRgn
FillRgn
CreateCompatibleDC
OffsetRgn
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
CreateCompatibleBitmap
GetObjectA
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
Shell_NotifyIconA
ShellExecuteA
comctl32
ord17
ImageList_Destroy
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
UrlUnescapeA
PathIsUNCA
oledlg
ord8
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
oleaut32
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
wininet
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetOptionExA
Sections
.text Size: 284KB - Virtual size: 283KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 192KB - Virtual size: 191KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ