E:\项目代码\BT种子全自动发布系统\release\amseed.pdb
Static task: static1
Behavioral task: behavioral1; Sample: amseed.exe; Resource: win7-20240704-en
Behavioral task: behavioral2; Sample: amseed.exe; Resource: win10v2004-20240709-en
Behavioral task: behavioral3; Sample: amseedmon.exe; Resource: win7-20240705-en
Behavioral task: behavioral4; Sample: amseedmon.exe; Resource: win10v2004-20240704-en
General
- Target: 48826d43ccd8498860a6fd04ede7ef57_JaffaCakes118
- Size: 2.0MB
- MD5: 48826d43ccd8498860a6fd04ede7ef57
- SHA1: 72df79aa2e2d0dee8be2e1cbfcc2dcdcdff82c33
- SHA256: fd4f33e951b0e5f4627e9d19e743d5dc63a4093507898e6af2b6fc976eef5b6c
- SHA512: 2eb2fb70992c60d18852f27afd7ed2094da4d69e493b120a6b0d5201baf19de2feb82c0fede3b568f15a357ad4ce5d6e22b4d91e85ffee79e07dd45e88fd63bd
- SSDEEP: 49152:44v1Tl51p/D3fwmAm2NpQ0K9FKjFk/8u3pOv+C6sQPHKya:TJ51Jjem2C9F+y3pA6BPHKH
Malware Config
Signatures
- Unsigned PE (2 IoCs): Checks for missing Authenticode signature.
  resource: unpack001/amseed.exe, unpack001/amseedmon.dll
Files
- 48826d43ccd8498860a6fd04ede7ef57_JaffaCakes118.zip
- Language00.ini
- SetSeedDirInfo.mdb
- amseed.exe.exe windows:5 windows x86 arch:x86
b771f19e740c26c804554b813eb431b4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
CreateFileA
SetEnvironmentVariableA
LCMapStringA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetConsoleMode
ReadConsoleInputA
CreateMutexA
FlushConsoleInputBuffer
GlobalMemoryStatus
FlushInstructionCache
SetThreadContext
GetThreadContext
LCMapStringW
GetLocaleInfoA
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVersion
TerminateThread
QueueUserAPC
CreateIoCompletionPort
GetQueuedCompletionStatus
SleepEx
InterlockedExchangeAdd
PostQueuedCompletionStatus
GetProcessHeap
DeviceIoControl
SetFilePointerEx
QueryPerformanceFrequency
GetStringTypeExA
FormatMessageA
FindFirstFileA
SetCurrentDirectoryW
InterlockedCompareExchange
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
HeapSize
ExitProcess
CreateThread
ExitThread
GetFileType
SetStdHandle
HeapReAlloc
HeapFree
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
GetCurrentDirectoryW
GlobalFlags
GlobalGetAtomNameW
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsGetValue
FindNextFileW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
SetErrorMode
lstrlenA
ReleaseMutex
ReleaseSemaphore
WritePrivateProfileStringW
GetPrivateProfileIntW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
CreateEventW
SuspendThread
ResumeThread
SetThreadPriority
GetModuleHandleA
RaiseException
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
FreeResource
MulDiv
LocalAlloc
FreeLibrary
DeleteCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
SetLastError
GetThreadLocale
GetStringTypeExW
GetFileInformationByHandle
InterlockedIncrement
GetLocalTime
LeaveCriticalSection
LoadLibraryW
GetProcAddress
GetSystemDirectoryW
ReadDirectoryChangesW
MoveFileW
CreateFileW
GetTickCount
CreatePipe
TerminateProcess
ReadFile
DeleteFileW
lstrcmpiW
lstrcatW
RemoveDirectoryW
CopyFileW
WaitForSingleObject
FormatMessageW
LocalFree
InterlockedDecrement
InitializeCriticalSection
GetComputerNameW
GetCommandLineW
TlsFree
TlsAlloc
CreateEventA
SetEvent
GetCurrentThread
MultiByteToWideChar
InterlockedExchange
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameW
GetCurrentProcessId
lstrcpyW
GetStdHandle
CreateProcessW
CloseHandle
Sleep
lstrlenW
CreateDirectoryW
GetLastError
EnterCriticalSection
GetSystemDefaultLangID
user32
ShowOwnedPopups
SetCursor
SystemParametersInfoW
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
GetMessageW
ValidateRect
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
LoadMenuW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
CreateAcceleratorTableW
SetWindowRgn
NotifyWinEvent
RemovePropW
GetFocus
SetWindowPos
SetWindowLongW
PtInRect
CopyRect
CallWindowProcW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
RegisterClipboardFormatW
ScrollWindow
SetParent
TrackPopupMenu
GetKeyState
MapDialogRect
SetWindowContextHelpId
InflateRect
GetMenuItemInfoW
DestroyMenu
GetSysColorBrush
LoadCursorW
UnregisterClassW
IsRectEmpty
SetRect
CopyAcceleratorTableW
InvalidateRect
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
CreateWindowExW
GetClassInfoExW
InvalidateRgn
LoadAcceleratorsW
SetCapture
ReleaseCapture
CharNextW
WindowFromPoint
WaitMessage
SetRectEmpty
PostThreadMessageW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
SendMessageW
IsWindow
FindWindowW
MessageBoxW
EnableWindow
GetWindow
GetProcessWindowStation
GetUserObjectInformationW
LoadIconW
MessageBoxA
GetSystemMetrics
DispatchMessageW
TranslateMessage
DrawIcon
IsIconic
GetClientRect
GetParent
ShowWindow
SetClassLongW
IsMenu
KillTimer
DefWindowProcW
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassW
GetClassInfoW
BringWindowToTop
LockWindowUpdate
EnumChildWindows
DrawStateW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetDlgItem
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
GetWindowThreadProcessId
GetWindowLongW
OpenClipboard
CopyImage
DestroyIcon
GetAsyncKeyState
DestroyAcceleratorTable
MapWindowPoints
SendMessageTimeoutW
GetLastActivePopup
EnumWindows
FindWindowExW
LoadStringW
LoadStringA
PostMessageW
DestroyWindow
DeleteMenu
GetSubMenu
GetMenu
GetCursorPos
LoadImageW
SetClipboardData
CloseClipboard
EmptyClipboard
GetNextDlgGroupItem
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
SetCursorPos
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerW
MapVirtualKeyExW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
CreateMenu
GetWindowRgn
DestroyCursor
CreatePopupMenu
AppendMenuW
GetSystemMenu
SetTimer
CharUpperW
GetDesktopWindow
IsWindowEnabled
OffsetRect
gdi32
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
GetRgnBox
GetBkColor
GetTextColor
SetRectRgn
MoveToEx
GetMapMode
RestoreDC
OffsetRgn
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
RealizePalette
StretchBlt
SetPixel
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
CombineRgn
LineTo
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
GetDeviceCaps
GetObjectW
SetDIBColorTable
DeleteDC
CreateDIBSection
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
GetDIBits
SetBkMode
DeleteObject
SelectObject
DPtoLP
SetViewportOrgEx
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegisterEventSourceA
DeregisterEventSource
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
ReportEventA
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Shell_NotifyIconW
DragFinish
DragQueryFileW
SHGetFileInfoW
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
StrStrIW
StrStrW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
StrCmpIW
PathFileExistsW
StrStrIA
oledlg
OleUIBusyW
ole32
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
DoDragDrop
OleLockRunning
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
OleRun
GetHGlobalFromStream
CreateStreamOnHGlobal
oleaut32
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
VariantTimeToSystemTime
LoadRegTypeLi
DispCallFunc
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocString
SysFreeString
GetErrorInfo
SystemTimeToVariantTime
OleCreateFontIndirect
SafeArrayUnaccessData
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToStream
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdiplusShutdown
ws2_32
bind
getsockname
getsockopt
getaddrinfo
WSAAddressToStringA
WSASend
closesocket
setsockopt
WSAGetLastError
htons
ntohs
WSASocketW
__WSAFDIsSet
accept
listen
ioctlsocket
select
WSASendTo
inet_addr
send
recv
htonl
ntohl
freeaddrinfo
WSASetLastError
WSARecvFrom
gethostbyname
socket
WSAAsyncSelect
recvfrom
sendto
WSARecv
WSAStartup
WSACleanup
connect
shutdown
wininet
HttpOpenRequestW
InternetOpenUrlW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW
HttpQueryInfoW
InternetCloseHandle
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
iphlpapi
GetAdaptersInfo
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 706KB - Virtual size: 706KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.BTDATA Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 285KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
- amseedmon.dll.exe windows:5 windows x86 arch:x86
03c76b8f795bbdb11c9a954b60b57133
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineW
CreateProcessW
WaitForSingleObject
OpenProcess
CopyFileW
TerminateProcess
GetModuleFileNameW
GetStdHandle
GetLocalTime
lstrcatW
lstrcpyW
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStartupInfoW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
WriteFile
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
HeapSize
RtlUnwind
GetLocaleInfoA
HeapAlloc
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
user32
SetTimer
GetMessageW
LoadCursorW
RegisterClassExW
CreateWindowExW
MessageBoxW
DefWindowProcW
DispatchMessageW
TranslateMessage
shell32
ShellExecuteW
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
- post_info.ini
- readme.txt
- submit_fmt.ini