D:\代码\流放之路\Console_watermelon(台服)\Release\PTview.pdb
Static task: static1
Behavioral task: behavioral1 (Sample: 5c200bbb71dec15dbfaf4ddfa4671e51_JaffaCakes118.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: 5c200bbb71dec15dbfaf4ddfa4671e51_JaffaCakes118.exe, Resource: win10v2004-20240426-en)
General
Target: 5c200bbb71dec15dbfaf4ddfa4671e51_JaffaCakes118
Size: 3.3MB
MD5: 5c200bbb71dec15dbfaf4ddfa4671e51
SHA1: 6814da388b84aff793a9da063c0562430fc533fe
SHA256: 0ba741c171760fd63391eac8082392e9fe5a396b147f0cc152f46f757946482a
SHA512: 80a6323cf065c0977c835c0333a9008e898c16831f6d7a33233a3927db0c319e9ea40b41ee32bd3af7215aa76ce349946e6f450ae9c1ccaf70d29b102553a63f
SSDEEP: 98304:pupyEGXSxgMu4bDcpCsv+bGUeYyVDFLOAkGkzdnEVomFHKnPAd:pupT4SSUeYy1FLOyomFHKnPA
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 5c200bbb71dec15dbfaf4ddfa4671e51_JaffaCakes118
Files
5c200bbb71dec15dbfaf4ddfa4671e51_JaffaCakes118.exe windows:6 windows x86 arch:x86
0ddf41884d8af60dd5e07026e6a8308d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
QueryPerformanceCounter
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
ExitThread
RtlUnwind
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
SetUnhandledExceptionFilter
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
VirtualProtect
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GlobalGetAtomNameW
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
FileTimeToSystemTime
LocalAlloc
FileTimeToLocalFileTime
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
SetThreadPriority
WaitForSingleObject
FormatMessageW
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
GlobalUnlock
LoadLibraryW
LoadLibraryA
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
SetLastError
GlobalFree
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetCurrentThreadId
GetCurrentThread
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
HeapReAlloc
GetLastError
CopyFileW
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
ResumeThread
lstrcpyW
GetVersionExW
CreateThread
WinExec
HeapFree
GetProcessHeap
HeapAlloc
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
OutputDebugStringA
OutputDebugStringW
GetTickCount
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcess
CloseHandle
TerminateProcess
K32EnumProcesses
Sleep
CreateProcessW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateRemoteThread
GetModuleHandleW
GetProcAddress
WriteProcessMemory
VirtualAllocEx
OpenProcess
SetFilePointerEx
user32
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
UpdateLayeredWindow
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetCursorPos
NotifyWinEvent
GetAsyncKeyState
IsZoomed
TrackMouseEvent
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
EnumDisplayMonitors
SetRectEmpty
SetLayeredWindowAttributes
MessageBeep
GetNextDlgGroupItem
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperW
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
SetDlgItemTextW
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
RegisterClipboardFormatW
GetScrollRange
CreateAcceleratorTableW
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
InvalidateRect
UpdateWindow
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
GetLastActivePopup
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
GetWindowLongW
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
CreateDialogIndirectParamW
DestroyWindow
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
GetWindowRgn
DestroyCursor
CreateMenu
InvertRect
HideCaret
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
MapWindowPoints
RedrawWindow
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
IsClipboardFormatAvailable
FrameRect
CharUpperBuffW
ShowScrollBar
SubtractRect
SetWindowRgn
DrawStateW
GetFocus
GetKeyboardState
GetKeyboardLayout
SetScrollRange
ToUnicodeEx
DrawFrameControl
DrawEdge
RegisterWindowMessageW
MapDialogRect
GetParent
SetWindowContextHelpId
PostQuitMessage
UnregisterClassW
ShowWindow
GetSubMenu
LoadMenuW
GetMessagePos
KillTimer
EndDialog
wsprintfW
MessageBoxW
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
ExitWindowsEx
SetTimer
AppendMenuW
GetSystemMenu
SetWindowPos
EnumChildWindows
IsWindowVisible
IsWindowEnabled
GetWindow
GetDesktopWindow
EnumWindows
GetWindowRect
CopyRect
FindWindowW
IsWindow
SendMessageW
GetWindowThreadProcessId
GetWindowTextW
GetClassNameW
PostMessageW
LoadIconW
EnableWindow
gdi32
GetObjectW
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetRgnBox
GetMapMode
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SetBkColor
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
GetPaletteEntries
DeleteDC
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
SetBkMode
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
OpenProcessToken
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
shell32
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteW
Shell_NotifyIconW
DragQueryFileW
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
DrawThemeParentBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
IsAppThemed
DrawThemeText
DrawThemeBackground
CloseThemeData
OpenThemeData
GetThemeColor
ole32
RevokeDragDrop
CoInitialize
CoCreateInstance
CoInitializeEx
CoUninitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
OleRun
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoDisconnectObject
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
oleaut32
VariantTimeToSystemTime
VarBstrFromDate
VariantCopy
LoadTypeLi
SafeArrayDestroy
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
rasapi32
RasEnumConnectionsW
RasEnumEntriesW
RasGetConnectStatusW
ws2_32
send
recv
WSAAsyncSelect
socket
WSAStartup
WSAGetLastError
ntohl
gethostname
gethostbyname
inet_ntoa
WSACleanup
closesocket
inet_addr
htons
connect
bind
accept
listen
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
wininet
InternetSetStatusCallbackW
InternetSetOptionExW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpOpenRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetGetLastResponseInfoW
HttpSendRequestW
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 351KB - Virtual size: 350KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 127KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ