953d7d3bd8e4c0a393e10f3d948e5815_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

953d7d3bd8e4c0a393e10f3d948e5815_JaffaCakes118
Size

12.6MB
MD5

953d7d3bd8e4c0a393e10f3d948e5815
SHA1

675d55bcfc6c026d7e4c3aa45ae4fc25b5ac7fc1
SHA256

113ea7e0c462afd6f9d1d2ebfa971c70f5d3f372822561f163016f38f9ad3c80
SHA512

7c31beb7b9e373941b19afb06283b44fc7c2d608592feeeb64e8c48c6bdc28ac3e696eed21789aee26d63670db3b48d6c10475380491571625e9f2e02562d7c2
SSDEEP

196608:7n7+p1FxawHGa1J42B/oLgBbu2a5z9UHyK8vBhA3KNh7msiaWwuRa6+bJ0qkfMZ7:mpxmaBoE9u2a99mUhA3K76mWHa6+Fye

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/豪杰视频通2.7.exe

Files

953d7d3bd8e4c0a393e10f3d948e5815_JaffaCakes118
.rar
155绿色软件站.url
.url
sn.txt
豪杰视频通2.7.exe
.exe windows:4 windows x86 arch:x86

0ed244a6ce3f85cfbf1cc9722945915e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetTempPathA
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
LoadLibraryExA
GetFullPathNameA
LoadLibraryExW
WideCharToMultiByte
LoadLibraryA
LoadLibraryW
Sleep
FindNextFileA
SetFileAttributesA
IsBadReadPtr
WriteProcessMemory
GetCurrentProcess
GetModuleHandleA
OpenFile
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileIntA
GetVersionExA
CreateThread
CloseHandle
GetPrivateProfileStringA
GetProcAddress
GetDiskFreeSpaceA
CreateEventA
SetEvent
ResetEvent
GetLastError
WaitForSingleObject
DeleteFileA
WinExec
GetVersion
GetACP
GetSystemDirectoryA
OpenEventA
HeapReAlloc
IsBadCodePtr
IsBadWritePtr
SetUnhandledExceptionFilter
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
HeapSize
GetCommandLineA
GetStartupInfoA
RtlUnwind
RemoveDirectoryA
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
FindFirstFileA
FindClose
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
_llseek
_lread
_lopen
GetFileSize
_lcreat
_lclose
_lwrite
lstrcmpiA
lstrlenA
GetWindowsDirectoryA
lstrcatA
lstrcpyA
LocalFree
FlushFileBuffers
LocalAlloc

user32

LoadIconA
GetClientRect
DefWindowProcA
BeginPaint
EndPaint
CheckRadioButton
UpdateWindow
GetMessageA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
EndDialog
GetDesktopWindow
RegisterClassA
LoadCursorA
PostQuitMessage
wsprintfA
LoadStringA
SendMessageA
PostMessageA
DialogBoxParamA
DestroyWindow
CreateDialogParamA
CheckDlgButton
SetWindowPos
ExitWindowsEx
SetWindowTextA
SetForegroundWindow
GetDlgItemTextA
MessageBoxA
IsDlgButtonChecked
GetCursorPos
GetClassLongA
SetClassLongA
SetDlgItemTextA
SetTimer
KillTimer
EnableWindow
SetFocus
InvalidateRect
GetDC
ReleaseDC
ShowWindow
CreateWindowExA
GetDlgItem
GetWindowRect
ScreenToClient

gdi32

RealizePalette
StretchDIBits
SelectPalette
SetStretchBltMode
CreateDIBitmap
GetDeviceCaps
DeleteObject
CreatePalette

advapi32

RegQueryValueA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegSetValueA
RegQueryValueExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoCreateInstance
CoInitialize

comctl32

ord17
ImageList_LoadImageA

winmm

ord2

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ed244a6ce3f85cfbf1cc9722945915e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

winmm

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 19KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 182KB - Virtual size: 181KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 19KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 182KB - Virtual size: 181KB

.reloc
Size: 7KB - Virtual size: 7KB