68b1003bf480a6c4ae0583bc7893602d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

68b1003bf480a6c4ae0583bc7893602d_JaffaCakes118
Size

2.1MB
MD5

68b1003bf480a6c4ae0583bc7893602d
SHA1

21fa2e9300fad6688365096a68c52f16db585c5e
SHA256

8a336e5f58825628d0062e9638f569e7681bb7660a1f05158b06f0dacdf0cc38
SHA512

591e82b87b45d65e7a3814e46f0b869561345756f7e5ae29d3d112e92993b95a30175eb7a6018afda2e654d598e69030668f2beef23941ecfc1da498c4e4a362
SSDEEP

24576:LkUHsUawCoa9zi8xpV5RZqxgBs7HG0ieaf+4x/hlFP8VTt3NDotpsw98Wv9cjDha:c/L/lYyytiRf1wz8TL4/iJkRgj

Score

1^/10

Malware Config

Signatures

Files

68b1003bf480a6c4ae0583bc7893602d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f2a6193ab8fdc2668749777eccb7ab2

Code Sign

2b:f2:56:95:95:fb:73:52:b0:fc:dc:e5:b8:51:8e:ed
Certificate

Issuer

CN=Root Agency

Not Before

21-10-2016 07:15

Not After

31-12-2039 23:59

Subject

CN=深圳游禧科技有限公司,O=微软,1.2.840.113549.1.9.1=#0c0d67746a7440373437372e636f6d

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\微云同步盘\游禧科技\7477_微端开发\launcher\SkinnerBeautify_CQZ\Release\Bin\GTJTLauncher.pdb

Imports

kernel32

CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetCommandLineW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
IsDebuggerPresent
IsProcessorFeaturePresent
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
HeapSize
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
GetStdHandle
GetProcessHeap
GetStartupInfoW
QueryPerformanceCounter
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStringTypeW
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GlobalFlags
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
DeleteFileW
FindFirstFileW
FindClose
GetThreadLocale
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
DecodePointer
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetVersionExW
GetCurrentThread
InterlockedExchange
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventW
SetEvent
GetModuleHandleA
GetModuleFileNameW
GetVersion
OutputDebugStringA
GetModuleHandleW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
CreateFileW
FileTimeToSystemTime
LocalAlloc
LoadLibraryExW
FreeLibrary
FileTimeToLocalFileTime
FormatMessageW
MulDiv
LocalFree
GlobalFree
SetLastError
GetLastError
GetACP
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
FreeResource
CloseHandle
WaitForSingleObject
CreateThread
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FindResourceW
GetTickCount
SizeofResource
LoadResource
Sleep
GetEnvironmentStringsW
LockResource

user32

RegisterClipboardFormatW
PostThreadMessageW
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
IsChild
GetClassInfoExW
GetClassInfoW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
CopyRect
DestroyMenu
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
MapDialogRect
GetWindow
SetWindowContextHelpId
GetLastActivePopup
GetWindowThreadProcessId
PostMessageW
CallNextHookEx
SetWindowsHookExW
GetCursorPos
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetMenuItemCount
GetMenuItemID
GetSubMenu
SendDlgItemMessageA
GetParent
LoadIconW
LoadCursorW
GetDesktopWindow
SetWindowLongW
GetWindowLongW
PtInRect
SetRect
SetCursor
MessageBoxW
GetClientRect
DrawIcon
AppendMenuW
wsprintfW
GetDC
ReleaseDC
GetWindowRect
GetSystemMenu
GetSystemMetrics
EnableWindow
SetTimer
ReleaseCapture
SetCapture
IsZoomed
IsIconic
CloseWindow
UpdateLayeredWindow
PostQuitMessage
SendMessageW
SetWindowPos
ShowWindow
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
CreateWindowExW
RegisterClassW
IsRectEmpty
IntersectRect
InvalidateRgn
CopyAcceleratorTableW
OffsetRect
CharNextW
ValidateRect
DefWindowProcW
InvalidateRect
KillTimer
RedrawWindow
CharUpperW
GetSysColorBrush
IsDialogMessageW
SetWindowTextW
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetKeyState
RealChildWindowFromPoint

gdi32

GetStockObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SetBkColor
SetMapMode
SetTextColor
GetClipBox
GetObjectW
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
Escape
CreateBitmap
GetDeviceCaps
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
DeleteDC

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteValueW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW

ole32

CoUninitialize
OleFlushClipboard
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
StgCreateDocfile
OleCreate
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard

oleaut32

SysFreeString
SysAllocString
VariantInit
SysAllocStringLen
VariantClear
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysStringLen

oledlg

OleUIBusyW

gdiplus

GdiplusStartup

iphlpapi

GetAdaptersInfo

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

jqtiukfd
Size: 919KB - Virtual size: 919KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

flvmkrsb
Size: 997KB - Virtual size: 998KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

eigcifjv
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gtjlseil
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ktdtvhoq
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f2a6193ab8fdc2668749777eccb7ab2

Code Sign

2b:f2:56:95:95:fb:73:52:b0:fc:dc:e5:b8:51:8e:edCertificate

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4cCertificate

Extended Key Usages

Key Usages

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91Certificate

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

iphlpapi

oleacc

Sections

jqtiukfd Size: 919KB - Virtual size: 919KB

flvmkrsb Size: 997KB - Virtual size: 998KB

eigcifjv Size: 28KB - Virtual size: 47KB

gtjlseil Size: 79KB - Virtual size: 79KB

ktdtvhoq Size: 100KB - Virtual size: 99KB

2b:f2:56:95:95:fb:73:52:b0:fc:dc:e5:b8:51:8e:ed
Certificate

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

jqtiukfd
Size: 919KB - Virtual size: 919KB

flvmkrsb
Size: 997KB - Virtual size: 998KB

eigcifjv
Size: 28KB - Virtual size: 47KB

gtjlseil
Size: 79KB - Virtual size: 79KB

ktdtvhoq
Size: 100KB - Virtual size: 99KB