22a3b59b76aa250f08d0c422b6c54038_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22a3b59b76aa250f08d0c422b6c54038_JaffaCakes118
Size

4.3MB
MD5

22a3b59b76aa250f08d0c422b6c54038
SHA1

274d6c374c2d3c5702afe57e4d68a5af61e6f82f
SHA256

7d448328f4a8736a322a3cc06f515dfaca712e7a00e53bb5abd968a988e7d545
SHA512

8222f4319610242460dac6cae890b1b88132f84ffa5631db55f7ac48b03a4b42f2a043dc137641b60413ea816f212aca0d7c9ea3a42ae1ff19ef9ff0d333cd5a
SSDEEP

98304:X/wWm214IaUnvj0I6AB3juu4ZqgKqTbO3Mv4W0xw:YWm21zXn3fs3jW9WCw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/页游账号盒子.exe

Files

22a3b59b76aa250f08d0c422b6c54038_JaffaCakes118
.rar
使用说明.url
极速软件下载.url
.url
页游账号盒子.exe
.exe windows:5 windows x86 arch:x86

af0126e831e98909533526252564106c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\金昶E盘\yuanma\导量新端\install_uninstall\InstallBrowser\Release\w114.pdb

Imports

kernel32

GetStringTypeW
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
ExitThread
HeapReAlloc
RaiseException
RtlUnwind
HeapAlloc
HeapFree
ExitProcess
GetDateFormatW
GetTimeFormatW
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
GetStartupInfoW
HeapSetInformation
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetSystemDirectoryW
GlobalFlags
lstrlenA
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DeleteFileW
lstrcmpiW
GetThreadLocale
WaitForSingleObject
ResumeThread
GetPrivateProfileStringW
GetPrivateProfileIntW
LocalAlloc
FileTimeToLocalFileTime
lstrcmpA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FreeLibrary
lstrcmpW
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
GetLastError
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
UnmapViewOfFile
GetFileSize
FileTimeToSystemTime
SetFileTime
GetFileAttributesW
LocalFileTimeToFileTime
GetCurrentDirectoryW
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateThread
GetCurrentThread
SetThreadPriority
GetCurrentProcess
lstrcatW
lstrcpyW
CloseHandle
WriteFile
CreateFileW
CreateProcessW
Sleep
WritePrivateProfileStringW
lstrlenW
GetProcAddress
CreateDirectoryW
GetWindowsDirectoryW
GetEnvironmentVariableW
GetCommandLineW
GetVersionExW
SetErrorMode
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
FreeResource
GetModuleHandleW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource

user32

CharUpperW
DestroyMenu
GetMenuItemInfoW
LoadMenuW
DrawStateW
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
GetSysColorBrush
CallWindowProcW
GetMenu
GetWindow
IntersectRect
InflateRect
CopyRect
GetWindowThreadProcessId
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
FindWindowW
GetIconInfo
wsprintfW
DrawIcon
GetSystemMetrics
GetKeyState
AppendMenuW
GetSystemMenu
EnableWindow
GetWindowRgn
ReleaseCapture
PostMessageW
InvalidateRect
GetDC
ReleaseDC
WaitMessage
DestroyCursor
SetCapture
GetCursorPos
KillTimer
SetWindowPos
SetWindowRgn
SetLayeredWindowAttributes
IsIconic
ScreenToClient
GetWindowRect
OffsetRect
IsZoomed
GetUpdateRect
GetFocus
LoadImageW
SetWindowLongW
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetDoubleClickTime
IsClipboardFormatAvailable
CreateMenu
TranslateMDISysAccel
DeleteMenu
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CharUpperBuffW
GetWindowLongW
SetTimer
GetClientRect
SystemParametersInfoW
LoadIconW
SendMessageW
CopyIcon
DestroyIcon
SetRect
PtInRect
LoadCursorW
RealChildWindowFromPoint
CopyImage
SetRectEmpty
EnumDisplayMonitors
UnregisterClassW
WindowFromPoint
DefWindowProcW
FrameRect
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
GetAsyncKeyState
NotifyWinEvent
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
CharNextW
GetClassInfoW

gdi32

SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
GetMapMode
PatBlt
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
CreateBitmap
DeleteObject
DeleteDC
SetPixel
SelectObject
CombineRgn
CreateRectRgn
BitBlt
GetPixel
CreateSolidBrush
CreateFontW
GetTextExtentPoint32W
GetDeviceCaps
GetObjectW
GetStockObject
CreateFontIndirectW
CreateCompatibleBitmap
DPtoLP
CreateCompatibleDC

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyExW
RegEnumValueW

shell32

SHGetFileInfoW
SHGetDesktopFolder
ShellExecuteW
SHChangeNotify
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetMalloc
CommandLineToArgvW
DragFinish
DragQueryFileW
SHAppBarMessage

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
UrlUnescapeW
PathFindExtensionW
PathFileExistsW
PathIsDirectoryW
PathRemoveFileSpecW

ole32

CoRegisterMessageFilter
CoCreateGuid
CoCreateInstance
CoInitialize
CoUninitialize
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
CoTaskMemFree
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard

oleaut32

VariantInit
SysAllocString
VariantCopy
VariantChangeType
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantClear
SysAllocStringLen
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStream
GdipCloneBitmapArea
GdipCreateBitmapFromResource
GdipDrawImageRectI
GdipDrawImageRectRect
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipLoadImageFromFileICM
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageWidth
GdipGetImageHeight
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesWrapMode

winmm

PlaySoundW
timeSetEvent
timeKillEvent
timeEndPeriod

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

wininet

InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetQueryDataAvailable

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af0126e831e98909533526252564106c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

winmm

oleacc

wininet

imm32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 299KB - Virtual size: 298KB

.data Size: 27KB - Virtual size: 57KB

.rsrc Size: 3.7MB - Virtual size: 3.7MB

.reloc Size: 197KB - Virtual size: 200KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 299KB - Virtual size: 298KB

.data
Size: 27KB - Virtual size: 57KB

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

.reloc
Size: 197KB - Virtual size: 200KB