29f479cf0491f9b9c030d047caab3e84_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29f479cf0491f9b9c030d047caab3e84_JaffaCakes118
Size

357KB
MD5

29f479cf0491f9b9c030d047caab3e84
SHA1

207ca0ca7749a73d40bb24f66fb988e142dd5074
SHA256

af05c97d5e622afa44a1335127eca351e82e965d438082dcca27331dc0baa460
SHA512

08618d0463adef8f213bb690d0c0a5f8c5d51211af3cec0b3856b277df832ad2f5033fe58390dfa8d75671c21a126df1cf9f41f5c81f4aa732d4d1acbe53ad24
SSDEEP

6144:Mi+uiyLEIZyU0wyZvN1EOcn5OXhbNJkt7fjaVRMesDqd0x+neSeFFMXT:M1LIZyyyZwOcngYt7fj4M8acT

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MangaCon.exe
unpack001/McUp.exe

Files

29f479cf0491f9b9c030d047caab3e84_JaffaCakes118
.rar
MangaCon.exe
.exe windows:5 windows x86 arch:x86

406ae88bb2d9182829b8a0992eddf65b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\SVNHome\Product\MangaCon\src\Release\bin\MangaCon.pdb

Imports

wininet

InternetSetOptionA
InternetConnectA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetGetCookieExA
HttpOpenRequestA
InternetReadFile
InternetSetCookieA
InternetCloseHandle
InternetOpenA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

LoadResource
GetLocalTime
VirtualAlloc
CreateFileW
GetFileAttributesA
GetFileAttributesW
FlushFileBuffers
SetFilePointer
WriteFile
GetVersionExW
AreFileApisANSI
SetEndOfFile
UnlockFile
LockFile
DeleteFileW
LoadLibraryA
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetSystemTime
GetSystemTimeAsFileTime
LockFileEx
GetTempPathA
GetTempPathW
GetFullPathNameA
GetFullPathNameW
LCMapStringA
GetModuleFileNameW
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
HeapCreate
RaiseException
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetModuleFileNameA
GetLastError
FindResourceA
VirtualFree
OutputDebugStringA
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
ExpandEnvironmentStringsW
lstrcpynW
lstrcpyW
ExpandEnvironmentStringsA
lstrcpynA
lstrcmpA
FormatMessageA
GetCurrentProcess
CompareStringA
CompareStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetModuleHandleA
FlushInstructionCache
CreateDirectoryA
ReadFile
GetFileSize
CreateFileA
TerminateThread
DeleteCriticalSection
WaitForMultipleObjects
ResetEvent
EnterCriticalSection
InterlockedExchange
LeaveCriticalSection
CreateEventA
InitializeCriticalSection
SetEvent
LCMapStringW
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
DebugBreak
IsDebuggerPresent
lstrcmpiA
Sleep
lstrlenA
lstrcpyA
DeleteFileA
GetCurrentProcessId
LockResource
FreeResource
CreateThread
CloseHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableA

user32

LoadBitmapA
LoadMenuA
RegisterWindowMessageW
DestroyMenu
EnableMenuItem
GetSubMenu
SetMenuDefaultItem
wvsprintfW
LoadCursorW
DialogBoxParamW
CreateDialogParamW
RegisterClassW
MonitorFromWindow
GetMonitorInfoW
CopyRect
GetDesktopWindow
LoadIconA
DrawTextW
EndDialog
CallWindowProcA
DefWindowProcW
DefWindowProcA
CallWindowProcW
SendDlgItemMessageW
TrackMouseEvent
SetWindowTextW
SetWindowTextA
SetWindowPos
SetWindowLongW
SetTimer
SetDlgItemTextA
SendMessageW
PostMessageA
ReleaseDC
GetDC
EndPaint
BeginPaint
SetRect
FillRect
IsWindowUnicode
IsWindow
IsDlgButtonChecked
InvalidateRect
GetWindowTextLengthW
GetWindowTextLengthA
DrawTextA
GetWindowTextW
GetWindowTextA
GetWindowRect
GetWindowLongW
GetWindow
GetParent
GetDlgItem
GetDlgCtrlID
GetClientRect
MessageBoxA
EnableWindow
DestroyWindow
CreateWindowExW
CreateWindowExA
ClientToScreen
CheckRadioButton
CheckDlgButton
SetFocus
GetFocus
SendMessageA
wvsprintfA
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
TrackPopupMenu
IsIconic
SetForegroundWindow
IsDialogMessageA
GetSysColor
GetCursorPos
ShowWindow
GetSystemMetrics
FindWindowA
RegisterClassA
RegisterWindowMessageA
SetCursor
SetRectEmpty
PtInRect
LoadCursorA
MessageBeep
SetWindowLongA

gdi32

SetBkColor
ExtTextOutW
CreateCompatibleBitmap
BitBlt
DeleteObject
GetObjectW
CreateFontIndirectW
DeleteDC
CreateDIBSection
StretchBlt
SelectObject
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
SetBkMode
SetTextColor

advapi32

RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteA
SHGetPathFromIDListA

ole32

CoUninitialize
OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
OleSetContainedObject
OleCreate

oleaut32

SysFreeString
SysAllocString

comctl32

ImageList_AddMasked
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
ord6

Sections

.text
Size: 459KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
McUp.exe
.exe windows:5 windows x86 arch:x86

0cb2c67646e61e2ac90d9217823c0ff4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\titilima\MyCode\Product\MangaCon\bin\McUp.pdb

Imports

kernel32

MoveFileExW
WaitForSingleObject
OpenProcess
GetModuleFileNameW
lstrcatW
CloseHandle
lstrcpyW
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

shell32

ShellExecuteW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

406ae88bb2d9182829b8a0992eddf65b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 459KB - Virtual size: 459KB

.rdata Size: 121KB - Virtual size: 120KB

.data Size: 11KB - Virtual size: 19KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 20KB - Virtual size: 19KB

0cb2c67646e61e2ac90d9217823c0ff4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 792B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 459KB - Virtual size: 459KB

.rdata
Size: 121KB - Virtual size: 120KB

.data
Size: 11KB - Virtual size: 19KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 3KB - Virtual size: 3KB