f19d8be5dafb56dfe5c3ccd0964e085d_JaffaCakes118

Resubmissions

25/04/2024, 14:11

240425-rg93xsbd7s 7

24/04/2024, 11:24

240424-nh8ppshc4x 7

15/04/2024, 17:37

240415-v7eaqacb85 7

Sharing

Copy URL Twitter E-mail

General

Target

f19d8be5dafb56dfe5c3ccd0964e085d_JaffaCakes118
Size

4.1MB
MD5

f19d8be5dafb56dfe5c3ccd0964e085d
SHA1

4f921a30b59fb576e9d1abb1532c04c3f231db98
SHA256

f9f3e7a68cb7496ec247652efd48cf1ee861e29f934f905fc8fffc26104a1ecb
SHA512

22ebb3f5c2ca674029c68d694cfb61faa6a0f5bc69fc0feac8c02ae1cdc9bdd6e17ea6363abeeab8dfc79a9ad50f84fb75567d2fd55a6a9cdebfdc511750240e
SSDEEP

98304:aLujYl1uZYeEf3xdkjtbNxnTb8r5xjtxkfcHluC0AAIf1y9E+:aLiYlwJ2BdqTGxBxkfkUJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WiFi_Route.exe

Files

f19d8be5dafb56dfe5c3ccd0964e085d_JaffaCakes118
.rar
155绿色软件站.url
.url
ApWiFi.dat
Styles/Codejock.cjstyles
.dll windows:4 windows x86 arch:x86

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bf
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

20/10/2008, 00:00

Not After

20/10/2010, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06
Signer

Actual PE Digest

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WiFi_Route.exe
.exe windows:5 windows x86 arch:x86

f7f96e8e97a02c9c8981655596df5e9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 kernel32

GetConsoleOutputCP 1�Q

kernel32

VirtualProtect
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryW
HeapSize
ExitProcess
RaiseException
RtlUnwind
CreateThread
ExitThread
HeapReAlloc
GetStartupInfoW
GetFileSizeEx
SetErrorMode
GetFileTime
GlobalGetAtomNameW
EnumResourceTypesW
EnumResourceNamesW
LocalSize
LoadLibraryExW
LoadLibraryExA
GetProcAddress
FreeLibrary
DeleteCriticalSection
GetProcessTimes
GetCurrentProcess
lstrcpyW
GetModuleHandleW
lstrcpynW
lstrlenW
GetLocalTime
WideCharToMultiByte
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
GetSystemDefaultLangID
CreateMutexW
GetLastError
CloseHandle
Sleep
GetVersion
lstrcatW
VirtualAlloc
FormatMessageW
HeapAlloc
GetProcessHeap
HeapFree
GetWindowsDirectoryW
lstrcmpiW
WinExec
CreateFileW
GetFileSize
ReadFile
lstrlenA
VirtualFree
SetFilePointer
WriteFile
GetModuleFileNameW
GetModuleFileNameA
GetExitCodeThread
WaitForSingleObject
CreateEventW
ResetEvent
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalAlloc
MulDiv
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
InterlockedDecrement
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CreateRemoteThread
Module32NextW
Module32FirstW
Process32NextW
GetPriorityClass
Process32FirstW
CreateToolhelp32Snapshot
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
CreateFileMappingW
SetProcessWorkingSetSize
OpenProcess
GetCurrentProcessId
SetEvent
CopyFileW
SetFileAttributesW
LocalAlloc
GetComputerNameW
CreateDirectoryW
GetUserDefaultLCID
TerminateProcess
TerminateThread
DeleteFileW
GetFileAttributesW
IsBadStringPtrW
LocalFree
GetSystemTimeAsFileTime

user32

LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
InvalidateRgn
CopyAcceleratorTableW
GetSysColorBrush
GetMenuItemInfoW
UnregisterClassW
CharUpperW
ReleaseCapture
SetCapture
SystemParametersInfoW
ShowOwnedPopups
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
InflateRect
GetMessageW
TranslateMessage
ValidateRect
GetMenuStringW
MoveWindow
IsDialogMessageW
GetDlgItemTextW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetWindowThreadProcessId
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
LoadIconW
SetRectEmpty
SendMessageW
SetTimer
GetMessageTime
GetMessagePos
PeekMessageW
ScrollWindow
TrackPopupMenuEx
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetSystemMenu
GetDlgCtrlID
CallWindowProcW
GetMenu
IntersectRect
ReuseDDElParam
UnpackDDElParam
CharNextW
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
GetCapture
DestroyIcon
SystemParametersInfoA
GetWindowPlacement
SetWindowPos
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetWindowLongW
GetWindowLongW
IsWindow
CopyRect
OffsetRect
GetWindowRect
GetDC
ReleaseDC
SetRect
IsRectEmpty
KillTimer
PostMessageW
ShowWindow
EnableWindow
GetParent
GetCursorPos
LookupIconIdFromDirectoryEx
LoadImageW
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
GetIconInfo
GetDoubleClickTime
DrawFocusRect
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
SetClassLongW
GetWindow
UnhookWindowsHookEx
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
ExitWindowsEx
EnableMenuItem
SetCursor
PtInRect
GetMenuState
GetWindowTextLengthW
MapWindowPoints
EnumChildWindows
GetClassNameW
SetDlgItemTextW
GetDlgItem
IsDlgButtonChecked
GetWindowTextW
UpdateWindow
LoadBitmapW
SetMenu
LoadMenuW
CheckMenuItem
DrawMenuBar
RedrawWindow
AppendMenuW
CreatePopupMenu
DestroyMenu
IsMenu
ModifyMenuW
SetWindowTextW
RegisterWindowMessageW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetSysColor
SetWindowRgn
InvalidateRect
DrawStateW
DrawIconEx
SendMessageTimeoutW
DrawFrameControl
DrawEdge
RegisterClassA
FillRect
RegisterClassW
LoadCursorW
DefWindowProcW
wsprintfW
GetAsyncKeyState
IsWindowVisible
TrackPopupMenu
SetForegroundWindow
SetWindowLongA
GetWindowLongA
IsWindowUnicode
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW

gdi32

IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
GetClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
ExtSelectClipRgn
DeleteDC
SelectPalette
GetObjectType
GetDeviceCaps
CreateHatchBrush
CreateRectRgnIndirect
GetMapMode
PatBlt
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
GetTextExtentPoint32W
GetTextMetricsW
GetRgnBox
StretchDIBits
SetMapMode
SetStretchBltMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
SetBkMode
Escape
ExtTextOutW
DeleteObject
CreateCompatibleDC
SelectObject
CreateDIBSection
GetObjectW
GetStockObject
CreateFontIndirectW
GetGlyphOutlineW
CreateCompatibleBitmap
BitBlt
CreateFontW
CreateSolidBrush
CreatePen
CreateRectRgn
CreateRoundRectRgn
OffsetRgn
CombineRgn
GetTextCharsetInfo
StretchBlt
Polygon
CreatePalette
CreateDIBitmap
GetDIBits
GetBitmapDimensionEx
SetPixelV
CreatePatternBrush
GetBrushOrgEx
GetBkColor
SetBrushOrgEx
GetTextColor
GetBkMode
TextOutW
RectVisible
PtVisible
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
StartServiceW
ChangeServiceConfigW
RegSetValueExW
RegDeleteValueW
EnumServicesStatusW
RegEnumKeyW
RegQueryValueW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

DragQueryFileW
DragFinish
ShellExecuteExW
SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW

comctl32

InitCommonControlsEx
FlatSB_GetScrollProp
_TrackMouseEvent
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_Destroy

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
StringFromGUID2
CoUninitialize
CoCreateInstance
CoInitialize
CoRegisterMessageFilter
OleUninitialize

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantInit
SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
OleLoadPicturePath

rpcrt4

UuidToStringW
RpcStringFreeW
UuidFromStringW

wsock32

ioctlsocket
WSAStartup
gethostbyaddr
inet_addr
htons

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ApWiFi
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ApWiFi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
更新记录.txt
联系我们.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bfCertificate

Extended Key Usages

Key Usages

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06Signer

Headers

File Characteristics

Sections

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 512B - Virtual size: 12B

f7f96e8e97a02c9c8981655596df5e9c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32 kernel32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

rpcrt4

wsock32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.ApWiFi Size: 3.8MB - Virtual size: 3.8MB

.idata Size: 24KB - Virtual size: 24KB

.rsrc Size: 11KB - Virtual size: 12KB

.ApWiFi Size: 4KB - Virtual size: 4KB

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bf
Certificate

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06
Signer

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.3MB - Virtual size: 1.3MB

.ApWiFi
Size: 3.8MB - Virtual size: 3.8MB

.idata
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 11KB - Virtual size: 12KB

.ApWiFi
Size: 4KB - Virtual size: 4KB