9fea90183bef9801e6cc9a34858746b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9fea90183bef9801e6cc9a34858746b1_JaffaCakes118
Size

181KB
MD5

9fea90183bef9801e6cc9a34858746b1
SHA1

19f28dfe2532786070d5200fcaa6df96d1da1b93
SHA256

3b0f783e13a915baf599c65aac9b458697951e0ec6a3f8820d9fefda318b6bed
SHA512

8c038be58d3bdb7ccbb1702e2edb70d35610d1fdf4b7d2a85f4870918eb6fb21b93ed1555cf556db783fd7b3e00cd6dac938c637d03c34f2fc6b28fb10b31d8b
SSDEEP

3072:33N3JmiTIKuXXaOvBnj9DsuNQErqXvh5lQsJ1v08v1tmzfKHbqZ42Pa7qFPzGKn3:H1siX+X5JnJIuNFrMv7J1M8v1tdHbWPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comvc34777524414/Info.exe

Files

9fea90183bef9801e6cc9a34858746b1_JaffaCakes118
.rar
cvery.comvc34777524414/Info.aps
cvery.comvc34777524414/Info.clw
cvery.comvc34777524414/Info.cpp
cvery.comvc34777524414/Info.dsp
cvery.comvc34777524414/Info.dsw
cvery.comvc34777524414/Info.exe
.exe windows:4 windows x86 arch:x86

1d081a90e27b07e3b34e8b5fb15a6726

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
RtlUnwind
TerminateProcess
HeapAlloc
RaiseException
HeapFree
HeapSize
HeapReAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
GetStdHandle
FormatMessageA
SetHandleCount
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
GetThreadLocale
GetCurrentProcess
SizeofResource
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
GetTickCount
FileTimeToLocalFileTime
GetOEMCP
SetErrorMode
GetCPInfo
GetFileTime
GetFileSize
GetFileAttributesA
GetVolumeInformationA
GetFullPathNameA
FindFirstFileA
FindClose
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
GetFileType
DuplicateHandle
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcpyA
GetComputerNameA
ReleaseMutex
OpenMutexA
LCMapStringW
GetProcessVersion
GetLastError
GetProfileStringA
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
LoadLibraryA
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
SetLastError
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetUnhandledExceptionFilter
GetStringTypeA
HeapDestroy
SetStdHandle
CreateMutexA

user32

CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
GetSysColorBrush
MessageBeep
CharUpperA
InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
GetDesktopWindow
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
LoadStringA
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
SetWindowPos
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
DestroyMenu
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
PtInRect
GetClassNameA
GetWindowTextA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
EnableWindow
IsWindowVisible
UnregisterHotKey
GetCursorPos
SetForegroundWindow
PostMessageA
GetSubMenu
ReleaseCapture
GetWindow
IntersectRect
GetWindowRect
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadMenuA
RegisterHotKey
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
GetStockObject
SetBkMode
RestoreDC
SaveDC
SelectObject
DeleteDC
GetObjectA
SetTextColor
GetClipBox
SetBkColor
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shell32

Shell_NotifyIconA

comctl32

ord17

oledlg

ord8

ole32

CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen

wsock32

WSASetLastError
WSAGetLastError
closesocket
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
listen
htonl
htons
bind
ioctlsocket
accept
WSAStartup
WSACleanup

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 820KB - Virtual size: 818KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comvc34777524414/Info.h
cvery.comvc34777524414/Info.ncb
cvery.comvc34777524414/Info.opt
cvery.comvc34777524414/Info.plg
.html
cvery.comvc34777524414/Info.rc
cvery.comvc34777524414/InfoDlg.cpp
cvery.comvc34777524414/InfoDlg.h
cvery.comvc34777524414/MySocket.cpp
cvery.comvc34777524414/MySocket.h
cvery.comvc34777524414/Resource.h
cvery.comvc34777524414/StdAfx.cpp
cvery.comvc34777524414/StdAfx.h
cvery.comvc34777524414/res/135.avi
cvery.comvc34777524414/res/49.bmp
cvery.comvc34777524414/res/85.bmp
cvery.comvc34777524414/res/HOUSE.ICO
cvery.comvc34777524414/res/Info.ico
cvery.comvc34777524414/res/Info.rc2
cvery.comvc34777524414/res/Thumbs.db
cvery.comvc34777524414/res/about.bmp
cvery.comvc34777524414/res/beijing.bmp
cvery.comvc34777524414/res/bitmap3.bmp
cvery.comvc34777524414/res/eee.bmp
cvery.comvc34777524414/res/title.bmp
cvery.comvc34777524414/res/xptheme.bin
.xml
cvery.comvc34777524414/下载说明.htm
.html .js polyglot
cvery.comvc34777524414/说明.txt

Sharing

General

Malware Config

Signatures

Files

1d081a90e27b07e3b34e8b5fb15a6726

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 820KB - Virtual size: 818KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 820KB - Virtual size: 818KB