7f6c14dc51083bf33fcd4338f3eb5ab8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7f6c14dc51083bf33fcd4338f3eb5ab8_JaffaCakes118
Size

177KB
MD5

7f6c14dc51083bf33fcd4338f3eb5ab8
SHA1

c7b4c6f2594d3ef3947e6474c331f90148fc2645
SHA256

8f4c31939a20448982b1ac575f8855dd9aff0820850b51b513e8946d0b063e2f
SHA512

0d23245945f96f30667d08ce73052a59d54b53a1c6a11975fa6d8e07dd9bf23537a7166dc39ef76c452cf5e7039cae1add1a7a36df24cbd732253662edeb1956
SSDEEP

3072:T32QhcAWqHolniyHxKkTQrREQshJDyCXUNjQoJxxk/yE1PpBp0XOwQVw6wsCU:6AMlnnHxPT4RqDRpgLk/l1Pp7QU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/注册痕迹清除工具.exe

Files

7f6c14dc51083bf33fcd4338f3eb5ab8_JaffaCakes118
.rar
下载说明.txt
数码资源网.url
注册痕迹清除工具.exe
.exe windows:4 windows x86 arch:x86

9b294e3d9e57004be0dfcaee9284f9bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
HeapDestroy
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetVersionExA
GetProfileStringA
InterlockedExchange
GetEnvironmentVariableA
FatalAppExitA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
RaiseException
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
CopyFileA
GlobalSize
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
SetErrorMode
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
lstrcpynA
FormatMessageA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
MulDiv
GetModuleHandleA
SetLastError
GlobalUnlock
GlobalFree
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThreadId
Sleep
WinExec
BackupRead
DeleteFileA
BackupSeek
LoadLibraryA
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
FreeResource
FindFirstFileA
FindClose
LocalFree
CloseHandle
GetCurrentThread
GetLastError
GetCurrentProcess
LocalAlloc
GetStringTypeW

user32

SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
OemToCharA
CharToOemA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
GetWindowDC
ReleaseDC
SetMenu
ClientToScreen
ScreenToClient
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
UnpackDDElParam
SetMenuItemBitmaps
CheckMenuItem
CallNextHookEx
UnregisterClassA
HideCaret
MapWindowPoints
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
LoadIconA
EnableWindow
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DestroyIcon
PostThreadMessageA
RemoveMenu
RegisterClipboardFormatA
BeginPaint
BringWindowToTop
DrawIcon
GetSystemMetrics
IsWindowUnicode
SetWindowsHookExA
UnhookWindowsHookEx
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetDialogBaseUnits
GetSysColorBrush
GetMenuStringA
DeleteMenu
InsertMenuA
PtInRect
GetClassNameA
WindowFromPoint
GetWindowThreadProcessId
GetDesktopWindow
WaitMessage
ReleaseCapture
SetCapture
LoadCursorA
DestroyMenu
CharUpperA
LoadStringA
InflateRect
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ModifyMenuA
ReuseDDElParam
ScrollWindowEx
IsDlgButtonChecked
GetDC
SetDlgItemTextA

gdi32

ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
GetCurrentPositionEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetDCOrgEx
GetObjectA
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
CreateFontIndirectA
DPtoLP
BitBlt
CreateCompatibleDC
GetTextExtentPoint32A
GetTextMetricsA
GetTextColor
GetBkColor
LPtoDP
CopyMetaFileA
CreateDCA
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateBitmap
CreateDIBPatternBrushPt
CreateDIBitmap
GetTextExtentPointA
GetStockObject

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyExA
RegCreateKeyA
RegQueryValueA
RegSetValueA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryInfoKeyA
FreeSid
RegQueryValueExA
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf

shell32

DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
ExtractIconA

comctl32

ord17

oledlg

ord8

ole32

ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleUninitialize

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
LoadTypeLi
VariantClear

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b294e3d9e57004be0dfcaee9284f9bb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 28KB - Virtual size: 42KB

.rsrc Size: 140KB - Virtual size: 138KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 28KB - Virtual size: 42KB

.rsrc
Size: 140KB - Virtual size: 138KB