10d25b5fc89f4f8e361650cbdb3bdd8c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10d25b5fc89f4f8e361650cbdb3bdd8c_JaffaCakes118
Size

3.6MB
MD5

10d25b5fc89f4f8e361650cbdb3bdd8c
SHA1

992676f2b864d7edb26bf143b914497c109dc234
SHA256

d85374fe600ede36be57a704a9380afe3bbc19138cea94972ee3b61e722aefcb
SHA512

82dd4be6b29f7c0a0538ef5acecf635db7361daefbd2fc4b322de2059d41e4c076a5f2eb822163b9ed1c913f6d1b6c31bc972bda6dea11fa2d6612ce98048101
SSDEEP

98304:FZzu2JHLz1kTUL5Tc3jpcuUfV8LsFJdUly+d6hi0:FQiLJbi30GLGylHU

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/合30星-V1.2版.exe	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MY辅助6.6.exe
unpack001/合30星-V1.2版.exe

Files

10d25b5fc89f4f8e361650cbdb3bdd8c_JaffaCakes118
.rar
MY辅助6.6.exe
.exe windows:5 windows x86 arch:x86

3eaa732d4dae53340f9646bdd85dac41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx

shlwapi

SHAutoComplete

kernel32

ReadFile
GetFileAttributesW
SetFileAttributesW
FindNextFileW
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetLocaleInfoW
GetNumberFormatW
ExpandEnvironmentStringsW
WaitForSingleObject
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetExitCodeProcess
GetTempPathW
MoveFileExW
Sleep
UnmapViewOfFile
MapViewOfFile
GetCommandLineW
CreateFileMappingW
GetTickCount
SetEnvironmentVariableW
OpenFileMappingW
CreateThread
EnterCriticalSection
LeaveCriticalSection
GetProcessAffinityMask
ReleaseSemaphore
ResetEvent
DeleteCriticalSection
SetEvent
SetThreadPriority
InitializeCriticalSection
CreateEventW
CreateSemaphoreW
SystemTimeToFileTime
GetSystemTime
LocalFileTimeToFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
FindFirstFileW
GetFileType
SetCurrentDirectoryW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
RaiseException
GetSystemTimeAsFileTime
SetEndOfFile
SetFilePointer
GetStdHandle
WriteFile
FlushFileBuffers
GetLongPathNameW
MoveFileW
GetShortPathNameW
CreateDirectoryW
RemoveDirectoryW
GlobalAlloc
DeleteFileW
FindClose
CreateFileW
DeviceIoControl
SetFileTime
GetCurrentProcess
CloseHandle
CreateHardLinkW
SetLastError
GetLastError
GetCurrentDirectoryW
CreateFileA
GetCPInfo
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind

user32

EnableWindow
ShowWindow
GetDlgItem
MessageBoxW
FindWindowExW
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
DestroyWindow
CopyRect
IsWindow
CharUpperW
OemToCharBuffA
LoadIconW
PostMessageW
GetSysColor
SetForegroundWindow
WaitForInputIdle
IsWindowVisible
DialogBoxParamW
DestroyIcon
SetFocus
GetClassNameW
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
wvsprintfW
SendMessageW
GetDC
ReleaseDC
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW
SetWindowLongW
LoadBitmapW

gdi32

GetDeviceCaps
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteDC
DeleteObject

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

SHChangeNotify
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
SHFileOperationW

ole32

CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
CreateStreamOnHGlobal

oleaut32

VariantInit

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.url
合30星-V1.2版.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 259KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 45KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
极速软件下载.url

Sharing

General

Malware Config

Signatures

Files

3eaa732d4dae53340f9646bdd85dac41

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 133KB

.rsrc Size: 14KB - Virtual size: 14KB

Headers

File Characteristics

Sections

.text Size: 259KB - Virtual size: 656KB

.rdata Size: 45KB - Virtual size: 208KB

.data Size: 26KB - Virtual size: 384KB

.rsrc Size: 13KB - Virtual size: 124KB

.aspack Size: 104KB - Virtual size: 104KB

.adata Size: - Virtual size: 4KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 133KB

.rsrc
Size: 14KB - Virtual size: 14KB

.text
Size: 259KB - Virtual size: 656KB

.rdata
Size: 45KB - Virtual size: 208KB

.data
Size: 26KB - Virtual size: 384KB

.rsrc
Size: 13KB - Virtual size: 124KB

.aspack
Size: 104KB - Virtual size: 104KB

.adata
Size: - Virtual size: 4KB