819983c6f5b3a8f2dc23a93bdb995361_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

819983c6f5b3a8f2dc23a93bdb995361_JaffaCakes118
Size

361KB
MD5

819983c6f5b3a8f2dc23a93bdb995361
SHA1

5c9db68d26aeb857262663d1aa9c163ae9a59b88
SHA256

273fdab4c3638a19aafb1fb329cffcc0b21c37b7e0c91395801e4792bf900c8c
SHA512

9b1ca920406fe9c375ab9706aec990eb08d5ce3c15b2215482ea31c60a766bd09853b79857076db876ad10b446eaa0627253ce12bf34e0dfed3c11ba2e5b1226
SSDEEP

6144:v5UGp+/dBhMRLQx1rE13GJHU6Tua3gujc2SVKfaxY1kQw6NJSQ+Yy8qRMpuAXGD+:v5EBye1rUW06qa3gqc2SkiC1kQkMpJW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQlogger/Q2010聊天记录查看器 8.7.exe

Files

819983c6f5b3a8f2dc23a93bdb995361_JaffaCakes118
.rar
QQlogger/Q2010聊天记录查看器 8.7.exe
.exe windows:4 windows x86 arch:x86

0b4a80db51d7503952d24dfab0881e95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapAlloc
HeapFree
SetStdHandle
GetFileType
RaiseException
GetACP
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
GetStartupInfoA
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
InterlockedExchange
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetCurrentDirectoryA
WritePrivateProfileStringA
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
lstrlenW
GetCurrentThread
GetFileTime
GetFileSize
GetFileAttributesA
MulDiv
GlobalLock
GlobalUnlock
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FindNextFileA
SetLastError
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrcmpA
lstrcpyA
WinExec
GetWindowsDirectoryA
IsDebuggerPresent
SetLocaleInfoA
CreateMutexA
GetLastError
GetDiskFreeSpaceExA
GetTickCount
GlobalMemoryStatus
GlobalAlloc
DeviceIoControl
GlobalFree
GetProfileIntA
GetProcAddress
FreeLibrary
lstrcatA
LoadLibraryA
lstrlenA
GetVersion
FindFirstFileA
FindClose
GetProfileStringA
WriteProfileStringA
CreateToolhelp32Snapshot
Process32First
OpenProcess
WaitForSingleObject
TerminateProcess
Process32Next
Sleep
GetModuleFileNameA
DeleteFileA
GetSystemDirectoryA
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
HeapCreate
CloseHandle

user32

GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsWindowEnabled
CharUpperA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
PostThreadMessageA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
IsWindowVisible
GetClassNameA
ScreenToClient
CopyRect
DrawTextA
InflateRect
LoadCursorA
CopyIcon
GetSysColor
SetWindowLongA
FindWindowA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
SetCursor
PtInRect
ReleaseCapture
SetCapture
MessageBeep
GetWindowRect
OffsetRect
InvalidateRect
CreatePopupMenu
LoadMenuA
GetSubMenu
GetCursorPos
GetDesktopWindow
KillTimer
RedrawWindow
IsIconic
GetSystemMetrics
DrawIcon
RegisterClipboardFormatA
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
EnableWindow
GetClientRect
GetParent
SetTimer
MessageBoxA
IsWindow
FindWindowExA
PostMessageA
CharNextA
GetSysColorBrush
WindowFromPoint
DestroyMenu
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
DefWindowProcA
LoadStringA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
RestoreDC
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
LPtoDP
DPtoLP
PatBlt
GetMapMode
GetTextColor
GetBkColor
SaveDC
GetClipBox
CreateBitmap
SetBkColor
SetTextColor
CreateRoundRectRgn
SelectClipRgn
CreateRectRgn
DeleteDC
DeleteObject
CreateCompatibleDC
SetBkMode
SelectObject
BitBlt
GetObjectA
CreateFontIndirectA
GetStockObject
CreateDIBitmap
GetTextExtentPointA
CreateSolidBrush

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
GetUserNameA

shell32

ShellExecuteA

comctl32

ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromProgID
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromString

olepro32

ord253

oleaut32

SysFreeString
VariantClear
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SafeArrayAccessData

wsock32

setsockopt
closesocket
recv
send
htons
connect
getprotobyname
socket
WSAStartup
WSACleanup
gethostbyname

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile

winmm

timeGetTime

msimg32

GradientFill

Sections

.text
Size: 272KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQlogger/各种杀毒软件设置方法.html
.html
QQlogger/河源下载站-cngr.cn.url
.url

Sharing

General

Malware Config

Signatures

Files

0b4a80db51d7503952d24dfab0881e95

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

winmm

msimg32

Sections

.text Size: 272KB - Virtual size: 269KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 28KB - Virtual size: 24.0MB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 272KB - Virtual size: 269KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 28KB - Virtual size: 24.0MB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB