5b08281764d6081ed4b2d056c3553034_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b08281764d6081ed4b2d056c3553034_JaffaCakes118
Size

872KB
MD5

5b08281764d6081ed4b2d056c3553034
SHA1

f975e7989079cd77c8b64b16e31adab2d33627fd
SHA256

b35d15dfa3b9426cd1b15d4f1df22f2d4558f45ff46b132c2cb134b5755e0edb
SHA512

52e842f8f26b4095e8fb33b90827467230f7c7df399b9c4639ff37683176ef202f2082c3e83640616cf9af0bb21a6ec81bf2fa4c61a74ac654c81a7803dee6fc
SSDEEP

24576:jkBfRRScgnNfl2krrv+b12bVyFcx2nNfg76Z16vwqA:YJAHTr2sVIN+M1iM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ufowsv.exe

Files

5b08281764d6081ed4b2d056c3553034_JaffaCakes118
.rar
ufowsv.exe
.exe windows:4 windows x86 arch:x86

0ba0a60377657b8f23bdafe6e60f432d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetVersionExA
FindClose
GetPrivateProfileStringA
GetModuleFileNameA
GetDriveTypeA
WinExec
SetCurrentDirectoryA
MoveFileExA
GetShortPathNameA
LocalAlloc
GetTempPathA
LocalFree
GetCurrentProcess
lstrcatA
SetFileTime
GetWindowsDirectoryA
GetSystemDirectoryA
WritePrivateProfileStringA
LoadLibraryA
lstrlenA
GetDiskFreeSpaceA
FreeLibrary
GlobalAlloc
GlobalLock
IsBadCodePtr
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
WideCharToMultiByte
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
CreateDirectoryA
HeapCompact
HeapSize
TerminateProcess
ExitProcess
GetFileAttributesA
SetFileAttributesA
MoveFileA
DeleteFileA
GetLastError
GlobalHandle
GetCurrentDirectoryA
SetEnvironmentVariableA
HeapFree
GetEnvironmentStrings
GetFullPathNameA
GetProcAddress
FreeEnvironmentStringsW
GlobalUnlock
GetStdHandle
GetFileType
SetHandleCount
GetStringTypeW
IsBadReadPtr
GetStringTypeA
SetFilePointer
CreateFileA
ReadFile
WriteFile
HeapAlloc
CloseHandle
GlobalFree
GetEnvironmentStringsW

user32

SetTimer
DispatchMessageA
IsWindowVisible
DestroyWindow
GetMessageA
IsDialogMessageA
CreateDialogIndirectParamA
MessageBoxA
TranslateMessage
SetWindowPos
wsprintfA
SetWindowTextA
GetDlgItem
ScreenToClient
GetWindowRect
SendDlgItemMessageA
EnableWindow
SetFocus
SendMessageA
SetDlgItemTextA
GetDlgItemTextA
EndPaint
BeginPaint
RegisterWindowMessageA
OemToCharA
GetParent
GetDC
ReleaseDC
SetWindowLongA
GetClientRect
DrawTextA
FillRect
GetWindow
GetSysColor
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
FindWindowA
GetLastActivePopup
BringWindowToTop
GetSystemMetrics
AdjustWindowRectEx
UpdateWindow
IsIconic
RedrawWindow
PostQuitMessage
DefWindowProcA
PostMessageA
IsDlgButtonChecked
ExitWindowsEx
ShowWindow
CheckDlgButton
KillTimer

gdi32

AddFontResourceA
ExtTextOutA
SetBkColor
GetStockObject
CreateSolidBrush
DeleteObject
CreateFontIndirectA
GetObjectA
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
StretchDIBits
RealizePalette
SelectPalette
IntersectClipRect
CreateDIBPatternBrush
SetTextColor
SetBkMode
SelectObject
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC

comdlg32

GetSaveFileNameA

advapi32

AdjustTokenPrivileges
RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoCreateInstance
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

0ba0a60377657b8f23bdafe6e60f432d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

version

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB