3088665eb9b3240e66d7269b74013419_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3088665eb9b3240e66d7269b74013419_JaffaCakes118
Size

328KB
MD5

3088665eb9b3240e66d7269b74013419
SHA1

e8e572cfec0579528fcb73e984bf5dd4dad54e31
SHA256

e6f022602fe521e056c3d42a76226cc1cac3befe2716f62c9423f6fb98383813
SHA512

6d877ed495edd2381cacba252a8874d605ba2c787c478489c941aab45a99156320efe40da198138a7288ce79b790036c7886b8e9dd6acb670669316677158ddb
SSDEEP

6144:3PzZgTAWPlbALXqo1jmUZxL6xQGQm9UmM7I+6cw:LCAW6LXqs76ve7I+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3088665eb9b3240e66d7269b74013419_JaffaCakes118

Files

3088665eb9b3240e66d7269b74013419_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a59752aed6136c123ee2bd468c8a852

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\!!!代码们\85代码\ClientLib\bin\Release\CrashReport.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

GetModuleHandleA
CreateProcessA
GetWindowsDirectoryA
GetFileSize
CreateFileA
ReadFile
HeapFree
GetProcessHeap
WriteFile
GetLastError
HeapAlloc
FileTimeToSystemTime
FileTimeToDosDateTime
GetModuleFileNameA
GetFileInformationByHandle
GetFileType
MapViewOfFile
CreateFileMappingA
DuplicateHandle
GetCurrentProcess
SystemTimeToFileTime
UnmapViewOfFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
ExitProcess
GetSystemTimeAsFileTime
GetEnvironmentVariableA
GetPrivateProfileIntA
WaitForSingleObject
CloseHandle
CopyFileA
ResumeThread
CreateDirectoryA
GetLocalTime
GetCurrentDirectoryA
SetFilePointer

user32

GetMessagePos
GetWindowRect
SetCursor
LoadCursorA
GetSystemMetrics
SetTimer
SetFocus
PostQuitMessage
GetDesktopWindow
KillTimer
ShowWindow
GetWindowTextA
SetWindowLongA
CreateWindowExA
SetWindowPos
GetWindowLongA
DefWindowProcA
BeginPaint
GetClientRect
GetDlgItem
SetWindowTextA
DialogBoxParamA
GetSysColor
FillRect
GetParent
DrawTextA
EndPaint
LoadIconA
GetAsyncKeyState
SetDlgItemTextA
MessageBoxA
GetDlgItemTextA
SendMessageA
EnableWindow

gdi32

SelectObject
SetTextColor
CreateSolidBrush
TextOutA
SetBkColor
SetBkMode
CreateFontIndirectA
GetObjectA
DeleteObject

shell32

SHBrowseForFolderA
ShellExecuteA
SHGetPathFromIDListA

ole32

CoInitialize
CoUninitialize

shlwapi

PathFindFileNameA
SHGetValueA
PathAddBackslashA
PathRemoveFileSpecA
PathAppendA
PathFileExistsA

msvcp71

?_Nomemory@std@@YAXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

msvcr71

_onexit
__dllonexit
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_except_handler3
__security_error_handler
_callnewh
malloc
_tzset
??_V@YAXPAX@Z
mktime
_stricmp
strncmp
atol
??0exception@@QAE@XZ
??1exception@@UAE@XZ
sprintf
??0exception@@QAE@ABV0@@Z
_beginthreadex
atoi
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
fclose
ftell
fseek
fopen
strncpy
fread
strchr
fgets
_snprintf
fprintf
_controlfp

wininet

InternetWriteFile
HttpSendRequestA
InternetSetCookieA
HttpAddRequestHeadersA
HttpOpenRequestA
HttpEndRequestA
HttpSendRequestExA
InternetAttemptConnect
InternetConnectA
InternetOpenA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a59752aed6136c123ee2bd468c8a852

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

shell32

ole32

shlwapi

msvcp71

msvcr71

wininet

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 28KB - Virtual size: 24KB

.tc Size: 248KB - Virtual size: 248KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 28KB - Virtual size: 24KB

.tc
Size: 248KB - Virtual size: 248KB