26250c39ea2cfc3fe7b1d83f66e8d3bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26250c39ea2cfc3fe7b1d83f66e8d3bd_JaffaCakes118
Size

599KB
MD5

26250c39ea2cfc3fe7b1d83f66e8d3bd
SHA1

22fce9c6d9a8504c49c6a965fe34ceaf5ee0a5d7
SHA256

ba68e1f8ef205bef19c4ee4682c22f11dca7e4dee9aad60e2f667d709669e16b
SHA512

73a474de1a166ac7ee06fd838d6cdc0691a5a40022a5d2b5d9016a695e0474780c41c429a429f6be62220ff7a2bb2b24be90717df4601bf05960df359cbd6cad
SSDEEP

12288:6yf2XzC0xrm2gyZgsUKztAlJo4SvYvGWPIWlV2EQuhZ3Bj:6yf2Vr3gytTSw4SQvGiIWrQ4j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/手机进销存(单机版)/barcodex.ocx

Files

26250c39ea2cfc3fe7b1d83f66e8d3bd_JaffaCakes118
.rar
手机进销存(单机版)/barcodex.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

78031dfeeb682f1036388b813aa0eb7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringW
IsBadWritePtr
LCMapStringA
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
GetEnvironmentStrings
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetEnvironmentStringsW
HeapCreate
GetProcAddress
CompareStringW
SetEnvironmentVariableA
VirtualAlloc
VirtualFree
HeapSize
GetVersionExA
GetEnvironmentVariableA
GetACP
RaiseException
TerminateProcess
ExitProcess
GetSystemTime
GetCommandLineA
GetLocalTime
HeapAlloc
GetTimeZoneInformation
HeapReAlloc
GetProfileIntA
HeapFree
RtlUnwind
GetFileSize
GetFileTime
GetOEMCP
GetFileAttributesA
FindResourceExA
FileTimeToSystemTime
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCPInfo
FileTimeToLocalFileTime
CopyFileA
GlobalSize
GetVolumeInformationA
GetFullPathNameA
FindFirstFileA
FindClose
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
DuplicateHandle
ReadFile
GetCurrentProcess
WritePrivateProfileStringA
GetProcessVersion
GlobalFlags
LocalReAlloc
SetErrorMode
TlsGetValue
GlobalHandle
TlsSetValue
TlsFree
FormatMessageA
TlsAlloc
LocalAlloc
SetLastError
LocalFree
MulDiv
GlobalGetAtomNameA
LockResource
GetVersion
GetUserDefaultLCID
GlobalAddAtomA
GlobalFindAtomA
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
GlobalReAlloc
GetCurrentThreadId
GlobalAlloc
GlobalUnlock
GlobalLock
CreateFileA
GlobalFree
CloseHandle
WriteFile
LoadLibraryA
lstrcatA
lstrcpyA
SetStdHandle
IsDBCSLeadByte
lstrcpynA
HeapDestroy
lstrcmpiA
CompareStringA
LoadLibraryExA

user32

InsertMenuA
UnregisterClassA
wvsprintfA
LockWindowUpdate
GetMenuStringA
EnumChildWindows
EndDialog
CreateDialogIndirectParamA
GetTabbedTextExtentA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
SetWindowTextA
IsDialogMessageA
LoadIconA
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
GetTopWindow
WinHelpA
GetClassInfoA
RegisterClassA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
LoadStringA
GetSysColorBrush
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClassNameA
SetRect
GrayStringA
TabbedTextOutA
GetClientRect
SetRectEmpty
GetDCEx
AppendMenuA
SetCapture
LoadCursorA
PtInRect
GetSystemMetrics
RegisterClipboardFormatA
MoveWindow
ScreenToClient
IsChild
IsRectEmpty
IntersectRect
CreateMenu
DestroyMenu
GetSysColor
GetDesktopWindow
GetMenuItemCount
GetMenu
GetSubMenu
GetMenuItemID
UpdateWindow
InflateRect
GetWindowRect
ShowWindow
OffsetRect
InvalidateRect
DrawEdge
CopyRect
SetParent
SetWindowPos
CallWindowProcA
DefWindowProcA
SetWindowLongA
DestroyWindow
UnhookWindowsHookEx
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
DestroyIcon
CharUpperA
RemovePropA
GetPropA
RemoveMenu
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostMessageA
PostQuitMessage
DrawTextA
SendMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDC
ReleaseDC
EnableWindow
FillRect
CharNextA
GetDialogBaseUnits
GetCapture
ReleaseCapture
GetMessageTime

gdi32

SetWorldTransform
PtVisible
TextOutA
Escape
RestoreDC
SaveDC
SetMapMode
SetViewportOrgEx
SetROP2
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SelectClipRgn
ScaleWindowExtEx
MoveToEx
SetTextAlign
CreateCompatibleDC
GetCurrentPositionEx
CreateSolidBrush
CreatePen
CreatePatternBrush
GetTextAlign
GetTextExtentPoint32A
SetRectRgn
DPtoLP
PatBlt
CreateDCA
EnumFontFamiliesExA
CopyMetaFileA
Rectangle
UnrealizeObject
CloseMetaFile
DeleteMetaFile
CreateMetaFileA
GetDeviceCaps
CreateRectRgn
LPtoDP
RectVisible
SetBkMode
SetBkColor
CreateRectRgnIndirect
GetClipBox
GetStockObject
DeleteDC
GetTextMetricsA
CreateBitmap
DeleteObject
GetDIBits
CopyEnhMetaFileA
DeleteEnhMetaFile
PlayEnhMetaFile
CloseEnhMetaFile
ExtTextOutA
CreateEnhMetaFileA
GetWorldTransform
GetObjectA
CreateDIBSection
CombineRgn
SetTextColor
SelectObject
CreateFontIndirectA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegSetValueA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA
RegQueryValueA

shell32

ExtractIconA
ShellExecuteA

comctl32

ord17

ole32

CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
OleDuplicateData
ReadFmtUserTypeStg
CoDisconnectObject
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleSaveToStream
CreateDataCache
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleLoadFromStream
CreateOleAdviseHolder
StringFromCLSID
ReadClassStm
CreateDataAdviseHolder

olepro32

ord254
ord250
ord252
ord253
ord251

oleaut32

SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
VariantClear
SysStringByteLen
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr
VariantCopy
SysStringLen
LoadRegTypeLi
SafeArrayUnaccessData

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
手机进销存(单机版)/dasha.ini
手机进销存(单机版)/dasha2.ini
手机进销存(单机版)/dasha3.ini
手机进销存(单机版)/readme.txt
手机进销存(单机版)/shan.edb
手机进销存(单机版)/shan2.edb

Sharing

General

Malware Config

Signatures

Files

78031dfeeb682f1036388b813aa0eb7a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

Exports

Exports

Sections

.text Size: 332KB - Virtual size: 329KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 36KB - Virtual size: 47KB

.rsrc Size: 20KB - Virtual size: 16KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 332KB - Virtual size: 329KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 36KB - Virtual size: 47KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 36KB - Virtual size: 35KB