6a613ea8800fb45ffc1a9dc7004159f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a613ea8800fb45ffc1a9dc7004159f6_JaffaCakes118
Size

184KB
MD5

6a613ea8800fb45ffc1a9dc7004159f6
SHA1

0e1bb7f97c8fe0c7423a12e5e703d4693e747571
SHA256

06dee6c8c4394f6b5968bc96adfb8a544dc3c880eaadc0033b94bd5fb65b1e01
SHA512

e1d8996357dc70e58f42196274c4b48267448a0c38086f7fa6b5f73e9da18694fad11ffd834c45f103f5565e640afea814a025b1146694a23abab47df842d496
SSDEEP

3072:NOAWQdeQWkGO2o9V9qtWF3l7aMS18FYacU5xqt3Q+:sGdeQ9b2QF3l+MS18FcU3Ab

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a613ea8800fb45ffc1a9dc7004159f6_JaffaCakes118

Files

6a613ea8800fb45ffc1a9dc7004159f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5666286b7fec53fbf6689aa92010c611

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\c++\闪电计划\release\闪电计划.pdb

Imports

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetQueryDataAvailable
InternetOpenA

kernel32

SetStdHandle
FlushFileBuffers
LCMapStringA
LCMapStringW
GetLocaleInfoA
HeapSize
SetEndOfFile
GetTimeZoneInformation
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceA
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
FindClose
FindFirstFileA
WriteConsoleW
GetFileAttributesA
GetFileTime
LockFile
UnlockFile
GetThreadLocale
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GlobalGetAtomNameA
lstrcmpA
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FreeLibrary
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetConsoleMode
GetConsoleCP
RtlUnwind
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcessHeap
GetVersionExA
GetCommandLineA
HeapReAlloc
VirtualAlloc
HeapAlloc
HeapFree
SetFileAttributesA
Sleep
GetModuleHandleA
Process32Next
Process32First
CreateProcessA
GetProcAddress
LoadLibraryA
CloseHandle
GlobalUnlock
ReadFile
GlobalLock
GetFileSize
CreateFileA
CompareStringW
CompareStringA
GetVersion
lstrlenA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GlobalFree
GlobalAlloc
RaiseException
WaitForSingleObject

user32

DestroyMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
GetClassInfoExA
GetClassInfoA
AdjustWindowRectEx
CopyRect
CallWindowProcA
PostQuitMessage
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowPos
SetWindowLongA
IsWindow
GetDlgItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
ValidateRect
GetWindowTextA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
SystemParametersInfoA
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DefWindowProcA
GetWindowDC
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
MessageBoxA
RegisterClassA
LoadCursorA
LoadIconA
GetSystemMetrics
CharUpperA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetStockObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

shlwapi

PathStripToRootA
UrlUnescapeA
PathIsUNCA
PathFindFileNameA

ole32

CreateStreamOnHGlobal

oleaut32

VariantInit
VariantChangeType
OleLoadPicture
VariantClear

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5666286b7fec53fbf6689aa92010c611

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

shlwapi

ole32

oleaut32

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 176B