34ce9e7c4a8b27b4f63cf1d107f07c42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34ce9e7c4a8b27b4f63cf1d107f07c42_JaffaCakes118
Size

2.9MB
MD5

34ce9e7c4a8b27b4f63cf1d107f07c42
SHA1

b477de7d160b9bc12494e53386fd527937a9fe04
SHA256

acc0e8ab490c24243de98704abc966ed404632850453dd69a12d2f6fd97fd3d0
SHA512

9aae5fb62804e5aee5dd393c69f22ff926a0c39e703fcc958391802877db297f61da8122b6d6cfcdd904e5e835c39512db61de075bd7ca8c6824f4fe0300e58d
SSDEEP

49152:KlYogKJocxZDEsTxhR0YgpJStR6da9x1a7zd53uwY0826o1f0ZR+C40AWmKE3qzI:KlYsHEIx92JK+2aH3uwY0R6if0ZRYzWc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/300herobox/300yingxionghz/300herobox.exe

Files

34ce9e7c4a8b27b4f63cf1d107f07c42_JaffaCakes118
.rar
300herobox/300yingxionghz/300herobox.exe
.exe windows:4 windows x86 arch:x86

d8d30710927a18abca70c46b760d36aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EmptyClipboard
DestroyMenu
PostQuitMessage
PostMessageA
SetCursor
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetSystemMetrics
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
SetClipboardData
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
UnhookWindowsHookEx
UnregisterClassA
PtInRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
GetWindowTextA
GetMenuItemCount
GetClipboardData
DrawTextA
GrayStringA
GetDlgItem
SetWindowPos
wsprintfA
MessageBoxA
MapWindowPoints
EnableWindow
CloseClipboard
GetSysColor
ModifyMenuA
AdjustWindowRectEx
SetFocus
GetWindowPlacement
IsIconic
SystemParametersInfoA
TrackMouseEvent
CallWindowProcA
ShowWindow
IsWindow
GetWindowLongA
GetClassNameA
EnumWindows
GetAncestor
SendMessageA
EnumChildWindows
CreateWindowExA
ReleaseDC
UpdateLayeredWindow
GetDC
GetWindowRect
SetWindowLongA
GetPropA
GetMessagePos
SetPropA
OpenClipboard
LoadIconA
LoadCursorA
GetSysColorBrush
TabbedTextOutA
GetCursorPos
GetNextDlgTabItem
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessageTime
DefWindowProcA
RemovePropA
GetClassLongA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
LoadStringA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
GetLastActivePopup
GetMessageTime
RemovePropA
GetPropA
UnhookWindowsHookEx
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
MessageBeep
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
SetPropA
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
CopyRect
ChildWindowFromPointEx
ScreenToClient
UnregisterClassA
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DeleteMenu
GetSystemMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
RegisterWindowMessageA
CallWindowProcA
DrawIcon
GetClassNameA
EnumChildWindows
FindWindowA
GetForegroundWindow
SetWindowTextA
GetDesktopWindow
GetDlgItem
GetWindowTextA
GetKeyboardType
LoadStringA
CharNextA
CharToOemA
CreateWindowExA
RegisterHotKey
UnregisterHotKey
ScrollWindowEx
IsDialogMessageA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetNextDlgGroupItem
PostThreadMessageA
LoadBitmapA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
PtInRect
GetMessagePos
MessageBoxA

gdi32

RectVisible
PtVisible
GetDeviceCaps
DeleteDC
GetStockObject
CreateBitmap
SetViewportOrgEx
SetViewportExtEx
SelectObject
CreateDIBSection
TextOutA
ExtTextOutA
CreateCompatibleDC
DeleteObject
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetBkColor
SetTextColor
SetMapMode
RestoreDC
OffsetViewportOrgEx
GetObjectA
SaveDC
Escape
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgn
FillRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
GetPixel
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
RealizePalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
CreateFontA
TranslateCharsetInfo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetMapMode
CombineRgn
PatBlt
CreatePen
SelectObject
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
CreateCompatibleDC
SelectPalette

kernel32

GetStdHandle
SetHandleCount
GetACP
HeapSize
RaiseException
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
LocalSize
LoadLibraryA
GetProcAddress
MultiByteToWideChar
VirtualAlloc
lstrlenW
WideCharToMultiByte
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
GetPrivateProfileStringA
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetTickCount
GetTempPathA
WriteFile
GlobalUnlock
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
TerminateProcess
GlobalDeleteAtom
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
SetErrorMode
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA
GetVersion
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
SetLastError
GetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetCurrentProcess
SetFilePointer
FlushFileBuffers
GetFileType
GetStartupInfoA
FreeLibrary
LCMapStringA
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
IsBadCodePtr
IsBadWritePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
RtlUnwind
GetCommandLineA
GetOEMCP
GetCPInfo
RtlMoveMemory
GlobalAlloc
GlobalLock
lstrcmpA
GlobalFree
GlobalFlags
GetCurrentThread
GetFileTime
LocalReAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
SetErrorMode
GetProcessVersion
GetOEMCP
GetSystemTime
HeapSize
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetEnvironmentVariableA
HeapDestroy
HeapCreate
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
CompareStringA
EnumCalendarInfoA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FormatMessageA
GetACP
GetCPInfo
GetDateFormatA
GetLocalTime
GetStringTypeExA
GlobalHandle
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetFileType
GetStdHandle
RaiseException
RtlUnwind
SetEndOfFile
UnhandledExceptionFilter
GetStartupInfoA
GetThreadLocale
lstrcpynA
VirtualQuery
InterlockedIncrement
InterlockedDecrement
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
GetVersion
GetLocaleInfoA
LoadLibraryExA
EnumResourceNamesA
IsBadWritePtr
TerminateProcess
GetFileSize
SetFilePointer
SetLastError
GetTimeZoneInformation
FileTimeToSystemTime
WideCharToMultiByte
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringW
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
MultiByteToWideChar
GetCurrentProcess
GetWindowsDirectoryA
GetSystemDirectoryA
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenW
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
CloseHandle
WaitForSingleObject
GetTickCount
GetCommandLineA
MulDiv
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
CopyFileA
DeleteFileA
GetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
ExpandEnvironmentStringsA
Sleep
ResetEvent
CreateEventA
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
LoadLibraryA
FreeLibrary
GetFullPathNameA
GetUserDefaultLCID
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
VirtualProtect
GetModuleFileNameA
ExitProcess

ole32

OleIsCurrentClipboard
OleRun
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CoCreateInstance

gdiplus

GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipGetImageWidth
GdipGetImageHeight
GdipLoadImageFromFile
GdipSetTextRenderingHint
GdipDeleteBrush
GdipGetImageEncoders
GdipDeletePen
GdipLoadImageFromStream
GdipDisposeImage
GdipCreateFromHDC
GdiplusStartup
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipDrawRectangleI
GdipCreateSolidFill
GdipSetSolidFillColor
GdipCreateBitmapFromScan0

imm32

ImmSetCompositionWindow
ImmGetContext
ImmGetCompositionStringA
ImmReleaseContext

shell32

ShellExecuteA
SHAppBarMessage
ShellExecuteA
DragFinish
DragQueryFileA
Shell_NotifyIconA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderPathA
DragAcceptFiles

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

comctl32

ord17
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ord17
ImageList_Read
ImageList_Duplicate

shlwapi

PathFileExistsA

winmm

PlaySoundA
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutUnprepareHeader

rasapi32

RasGetConnectStatusA
RasHangUpA

ws2_32

ioctlsocket
recvfrom
getpeername
closesocket
WSACleanup
select
send
WSAStartup
inet_ntoa
WSAAsyncSelect
accept
recv

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA

oleaut32

SysStringLen
SysAllocStringByteLen
SafeArrayGetElemsize
SafeArrayPtrOfIndex
VariantTimeToSystemTime
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
UnRegisterTypeLi
SysFreeString
SysReAllocStringLen
SysAllocStringLen
OleCreateFontIndirect
VariantClear
VariantCopy

oledlg

ord8

wininet

InternetConnectA
InternetSetOptionA
InternetCloseHandle
InternetOpenA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA

comdlg32

GetSaveFileNameA
ChooseFontA
GetFileTitleA
ChooseColorA
GetOpenFileNameA

Sections

.text
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 930KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
300herobox/300yingxionghz/Propaganda.ini
安装须知.txt

Sharing

General

Malware Config

Signatures

Files

d8d30710927a18abca70c46b760d36aa

Headers

File Characteristics

Imports

user32

gdi32

kernel32

ole32

gdiplus

imm32

shell32

winspool.drv

advapi32

comctl32

shlwapi

winmm

rasapi32

ws2_32

version

oleaut32

oledlg

wininet

comdlg32

Sections

.text Size: - Virtual size: 3.1MB

CODE Size: - Virtual size: 330KB

.rdata Size: - Virtual size: 3.5MB

.data Size: - Virtual size: 930KB

DATA Size: - Virtual size: 67KB

BSS Size: - Virtual size: 25KB

.rsrc Size: 28KB - Virtual size: 42KB

.vmp0 Size: - Virtual size: 16KB

.vmp1 Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 4KB - Virtual size: 148B

.text
Size: - Virtual size: 3.1MB

CODE
Size: - Virtual size: 330KB

.rdata
Size: - Virtual size: 3.5MB

.data
Size: - Virtual size: 930KB

DATA
Size: - Virtual size: 67KB

BSS
Size: - Virtual size: 25KB

.rsrc
Size: 28KB - Virtual size: 42KB

.vmp0
Size: - Virtual size: 16KB

.vmp1
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 4KB - Virtual size: 148B