703f206097835a0e7025265da2a296fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

703f206097835a0e7025265da2a296fe_JaffaCakes118
Size

419KB
MD5

703f206097835a0e7025265da2a296fe
SHA1

c303b72be534f8e72d5093d188350cb5f37036a0
SHA256

f9dc10dc27177c927d3219d6d7d97177223c63100b812eed45986461b2933bce
SHA512

59bfdf517830e73df5e0062e7735083e5274b94bbe3c72959853f3e93a4e942b086440f5251d7403557c5c47e210a2dfc88bcd4098f47266e7a223b417b35698
SSDEEP

6144:4wShDDF9ZmmXZlIyJhe7MIJMOD8/bp2+hLxB0QdgKze5dcSGhlv/YXspkcAVBIsq:Ah9mS9hezJc/l2+hP03J5+lhK8zKBDgh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/shandi_66868.com/闪迪U盘加密SanDisk+SecureAccess+v3.0+绿色免费版++-+闪迪u盘自带加密软件@162_40247.exe

Files

703f206097835a0e7025265da2a296fe_JaffaCakes118
.rar
shandi_66868.com/2345网址导航.url
.url
shandi_66868.com/U盘启动盘制作工具 - U盘装系统，一键制作U盘.url
.url
shandi_66868.com/软件下载-软件下载第一门户.url
.url
shandi_66868.com/闪迪U盘加密SanDisk+SecureAccess+v3.0+绿色免费版++-+闪迪u盘自带加密软件@162_40247.exe
.exe windows:5 windows x86 arch:x86

b6c6dbcd492ce86e8854538d7dddde9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GetEnvironmentVariableW
FindFirstFileW
MapViewOfFile
UnmapViewOfFile
GetCurrentProcess
SetEvent
OutputDebugStringW
GetSystemDirectoryW
GetFileAttributesW
TerminateProcess
GetSystemDirectoryA
WritePrivateProfileStringW
FindClose
GetLocalTime
Process32FirstW
CreateFileMappingW
CreateEventW
Process32NextW
lstrcatW
FindNextFileW
CreateToolhelp32Snapshot
lstrcpyW
SetFileAttributesW
CreateMutexW
SetUnhandledExceptionFilter
GetComputerNameW
GetModuleFileNameW
SetCurrentDirectoryW
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryW
GetTempPathW
GetProcAddress
MoveFileW
DeleteFileW
InterlockedIncrement
DosDateTimeToFileTime
SystemTimeToFileTime
ReadFile
CreateFileW
GetCurrentDirectoryW
GetFileType
GetModuleFileNameA
LocalFree
lstrlenA
WriteConsoleW
SetStdHandle
LoadLibraryExW
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
FlushFileBuffers
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
RtlUnwind
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetStdHandle
AreFileApisANSI
GetModuleHandleExW
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCommandLineW
DeviceIoControl
GetVersionExW
GetModuleHandleW
CreateThread
DeleteFileA
GetTempPathA
CloseHandle
WaitForMultipleObjects
CreateDirectoryA
CreateProcessA
Sleep
InitializeCriticalSection
WriteFile
GetTickCount
WaitForSingleObject
HeapReAlloc
InterlockedDecrement
SetEndOfFile
SetFilePointer
CreateFileA
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
InterlockedExchange
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
IsProcessorFeaturePresent
ResumeThread
ExitThread
EncodePointer
VirtualQuery
VirtualProtect
VirtualAlloc
GetSystemInfo
IsDebuggerPresent
HeapAlloc

user32

SetTimer
PtInRect
GetMessageW
DispatchMessageW
CopyRect
DefWindowProcW
SendMessageW
SetWindowTextA
GetSystemMetrics
CreateWindowExW
IsWindow
ShowWindow
GetCursorPos
SetWindowPos
GetDesktopWindow
SetWindowLongW
EnableMenuItem
ReleaseDC
PostQuitMessage
TrackPopupMenu
FillRect
GetWindowTextW
GetWindowLongW
KillTimer
DrawTextA
LoadMenuW
LoadIconW
GetSystemMenu
SetCursor
GetSubMenu
LoadCursorW
CharNextA
SetRectEmpty
BeginPaint
GetDC
TranslateMessage
SetRect
MessageBoxW
DestroyWindow
EnableWindow
SetForegroundWindow
EndPaint
RegisterClassExW

gdi32

StretchBlt
CreateCompatibleBitmap
FrameRgn
GetTextExtentPoint32A
EnumFontsW
SetTextColor
SetBkMode
CreateFontW
GetDIBColorTable
CreateRoundRectRgn
CreateSolidBrush
TextOutA
BitBlt
DeleteDC
CreateDIBSection
SetDIBColorTable
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExW

shell32

ord165
SHGetPathFromIDListW
SHGetSpecialFolderPathA
Shell_NotifyIconW
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
CLSIDFromString

oleaut32

SysAllocString
VariantInit
GetErrorInfo
VariantClear
SysFreeString

ws2_32

send
WSAStartup
recvfrom
sendto
connect
inet_ntoa
inet_addr
htons
setsockopt
recv
socket
closesocket
gethostbyname

shlwapi

PathFileExistsA
PathFileExistsW
PathIsDirectoryW
PathRemoveFileSpecW
PathAppendW
StrStrIA
StrStrIW

gdiplus

GdipGetImageGraphicsContext
GdipFree
GdipGetImageHeight
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDisposeImage
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImagePalette
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdiplusShutdown

msimg32

TransparentBlt
AlphaBlend

iphlpapi

GetAdaptersInfo

setupapi

SetupIterateCabinetW

urlmon

URLDownloadToFileW

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 412KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6c6dbcd492ce86e8854538d7dddde9e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

shlwapi

gdiplus

msimg32

iphlpapi

setupapi

urlmon

dbghelp

Sections

.text Size: 268KB - Virtual size: 268KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 412KB - Virtual size: 422KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 268KB - Virtual size: 268KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 412KB - Virtual size: 422KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 13KB - Virtual size: 13KB