7e8617d56b5602ecd5709e9fa35152ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7e8617d56b5602ecd5709e9fa35152ab_JaffaCakes118
Size

274KB
MD5

7e8617d56b5602ecd5709e9fa35152ab
SHA1

97d48cf014475f948ab20446d5f9b4c9edc6c740
SHA256

de1cad56646cbc9de3b6ae7b77c43950a6e541045edb954ddfce7d16fbe7edb9
SHA512

ca62085adca210b5ef9876c98cc2d622d29ba2df08e4a9975589a303eafd7f7c040ff568d20342ba8c09e0192a56d3cb5383fda1c67f5c8d6f80c49014912a70
SSDEEP

6144:2A9b1i7A4RKel6IOg8elYfeSW0zrckCkJx+K3WE+Bx6Tgic5:2WikV4eg8e637Pbj+K3WBx9ic5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/gy_WXSX_jb51.net/tcshalo.exe

Files

7e8617d56b5602ecd5709e9fa35152ab_JaffaCakes118
.zip
gy_WXSX_jb51.net/tcshalo.exe
.exe windows:4 windows x86 arch:x86

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
timeSetEvent
timeKillEvent

msvfw32

DrawDibOpen
DrawDibClose
DrawDibDraw

avifil32

AVIStreamGetFrame
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamOpenFromFileA
AVIStreamGetFrameOpen
AVIFileInit
AVIFileExit
AVIStreamInfoA
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength

kernel32

SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
RaiseException
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
DeleteFileA
WinExec
lstrlenA
lstrcatA
lstrcpyA
CloseHandle
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
lstrcmpA
GetCurrentThread
SuspendThread
ResumeThread
ReadProcessMemory
lstrcpynA
MulDiv
SetLastError
LocalFree
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetCurrentProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
SetEvent
GetProcAddress
FreeLibrary
LoadLibraryA
WaitForSingleObject
CreateEventA
GetTempPathA
GetTickCount
Sleep
GetModuleFileNameA
GetSystemDirectoryA
SetFileAttributesA
LockResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
OpenProcess
WriteProcessMemory
HeapCreate

user32

IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
WindowFromPoint
LoadStringA
DestroyMenu
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
CharUpperA
GetClassNameA
GetSysColorBrush
ShowWindow
MoveWindow
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindowLongA
SystemParametersInfoA
GetWindowPlacement
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
CreateIconIndirect
MessageBoxA
GetWindow
IsWindowVisible
GetWindowTextA
GetWindowThreadProcessId
FindWindowA
UnregisterClassA
GetClassInfoA
UnhookWindowsHookEx
SetWindowsHookExA
GetMenuItemCount
RemoveMenu
AppendMenuA
ReleaseDC
SetWindowRgn
GetDlgItem
SetWindowTextA
IsIconic
DrawIcon
SetScrollRange
EnableScrollBar
GetScrollPos
GetScrollRange
SetScrollPos
GetDC
LoadMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetMenuItemID
LoadIconA
GetSubMenu
SetMenuDefaultItem
RegisterWindowMessageA
UpdateWindow
RemovePropA
SetPropA
SetWindowLongA
GetPropA
CallWindowProcA
GetFocus
GetAsyncKeyState
ScrollDC
DrawTextA
FillRect
InflateRect
CopyRect
DrawFocusRect
SetRect
SetCapture
ReleaseCapture
ClientToScreen
PtInRect
RedrawWindow
SetTimer
KillTimer
LoadCursorA
SetCursor
GetSystemMetrics
InvalidateRect
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
GetSysColor
EnableWindow
SendMessageA
SetWindowPos
EnumWindows

gdi32

SetROP2
OffsetRgn
CreateRectRgn
CreateDIBitmap
RealizePalette
CreatePalette
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
MoveToEx
LineTo
SetTextAlign
FrameRgn
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetPixel
GetStockObject
CreateFontIndirectA
GetDIBits
CreateFontA
GetTextExtentPoint32A
GetBkColor
CreatePen
CreateSolidBrush
CreateDIBSection
SelectObject
ExtCreateRegion
BitBlt
CombineRgn
DeleteObject
CreateCompatibleDC
DeleteDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

ord17

Sections

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
readme.url
.url
下载王www.xzking.com.url
.url

Sharing

General

Malware Config

Signatures

Files

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

Imports

winmm

msvfw32

avifil32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 157KB - Virtual size: 282KB

.rsrc Size: 4KB - Virtual size: 3KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 157KB - Virtual size: 282KB

.rsrc
Size: 4KB - Virtual size: 3KB