c86fe5e1f8f53c1ef20d6f53924967fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c86fe5e1f8f53c1ef20d6f53924967fe_JaffaCakes118
Size

8.8MB
MD5

c86fe5e1f8f53c1ef20d6f53924967fe
SHA1

84c9cb0b7ef80e41084260d8539ad411841bb3e3
SHA256

5bbb29c8e5fe4891ec5efc64bc91a6af79a62cf75a4b0577e1fb444a16e4948b
SHA512

ec884d92d8184e177c788a1ec0e41bc238f29fe3d7211bdd32b21355f631aa4f97a54ed042fb5958a6ba9993f707d2553037efe613ecdcf56c7f78440a8b3b79
SSDEEP

196608:JoBHslGLzScqQ0SwRAg2aeCMCvNBcCGwepcYT:JuMlazScq9VmacCVBlvepR

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SQLyog Enterprise v5.02 汉化版/HB-SQLyogEE502.exe
unpack001/SQLyog Enterprise v5.02 汉化版/SQLyog502Ent.exe

Files

c86fe5e1f8f53c1ef20d6f53924967fe_JaffaCakes118
.rar
SQLyog Enterprise v5.02 汉化版/HB-SQLyogEE502.exe
.exe windows:4 windows x86 arch:x86

5f112d8d2142e21eb504f432a5aa2e7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetModuleFileNameA
GetDateFormatA
GetSystemDirectoryA
GetWindowsDirectoryA
GetCommandLineA
GetVersionExA
CreateMutexA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcmpA
GetSystemTime
LocalFree
LocalAlloc
GetVersion
GetSystemInfo
GetComputerNameA
SetEndOfFile
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
lstrcpynA
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
RtlUnwind
TerminateProcess
HeapAlloc
HeapFree
GetExitCodeProcess
SetFileTime
GlobalMemoryStatus
GetShortPathNameA
SetErrorMode
WritePrivateProfileStringA
WritePrivateProfileSectionA
MoveFileExA
GetCurrentProcess
ExitProcess
WideCharToMultiByte
CreateProcessA
RemoveDirectoryA
GetFileTime
VerLanguageNameA
CompareFileTime
CopyFileA
GetFileSize
GetLogicalDriveStringsA
FreeLibrary
GetCurrentDirectoryA
SetCurrentDirectoryA
MultiByteToWideChar
SetFileAttributesA
LCMapStringW
GetTempPathA
GetFileAttributesA
CreateDirectoryA
GetLocaleInfoA
FindFirstFileA
lstrcmpiA
FindNextFileA
FindClose
GetDriveTypeA
lstrcatA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetTickCount
Sleep
GetCurrentThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetThreadPriority
SetThreadPriority
GlobalReAlloc
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
MulDiv
lstrlenA
GetLastError
FormatMessageA
WriteFile
ReadFile
lstrcpyA
SetFilePointer
CreateFileA
CloseHandle
GetACP
DeleteFileA

user32

FindWindowA
IsIconic
PostMessageA
RegisterClassA
SetRectEmpty
ExitWindowsEx
MsgWaitForMultipleObjects
GetMessageA
TranslateMessage
DispatchMessageA
FillRect
PostQuitMessage
EnableWindow
SetWindowPos
SetTimer
GetDlgItemTextA
CreateDialogParamA
GetWindowLongA
IsWindowEnabled
GetSystemMetrics
RegisterClassExA
GetClientRect
IsWindowVisible
PtInRect
SetCursor
EndDialog
GetActiveWindow
WaitMessage
IsDialogMessageA
MessageBoxA
CopyRect
KillTimer
DrawEdge
GetDlgItem
SendDlgItemMessageA
SetDlgItemTextA
PeekMessageA
SetWindowTextA
ReleaseDC
EnumDisplaySettingsA
LoadBitmapA
GetDC
DestroyWindow
DefWindowProcA
GetWindowRect
InvalidateRect
LoadIconA
LoadImageA
GetSysColor
GetDesktopWindow
SystemParametersInfoA
SetForegroundWindow
DialogBoxParamA
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
SetWindowLongA
SetFocus
GetSystemMenu
DeleteMenu
AppendMenuA
ShowWindow
LoadCursorA
GetCursorPos
ScreenToClient
SendMessageA

gdi32

SaveDC
SetMapMode
SetViewportOrgEx
RestoreDC
StartDocA
StartPage
EndPage
TextOutA
SetBkMode
SelectObject
CreateFontA
GetDeviceCaps
BitBlt
DeleteDC
DeleteObject
CreateSolidBrush
GetStockObject
SetBkColor
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
GetTextExtentPoint32A
CreateBitmap
CreateDIBitmap
CreatePalette
AddFontResourceA
CreateScalableFontResourceA
EndDoc
RemoveFontResourceA

comdlg32

GetOpenFileNameA
PrintDlgA

advapi32

RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
OpenThreadToken
DuplicateToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
GetUserNameA
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
RegQueryValueExA

shell32

SHFileOperationA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHChangeNotify

ole32

CoUninitialize
CoInitialize
OleInitialize
CoCreateInstance
OleUninitialize

oleaut32

RegisterTypeLi
LoadTypeLi

winmm

waveOutGetNumDevs
midiOutGetNumDevs
joyGetPos

comctl32

ord17
ImageList_Create
ImageList_Add

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SQLyog Enterprise v5.02 汉化版/SQLyog502Ent.exe
.exe windows:4 windows x86 arch:x86

b03f60e9d8ed80669e10a0f3d1000f0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

comctl32

ord17

kernel32

GetLastError
WideCharToMultiByte
DeleteFileA
lstrlenW
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
CreateEventA
Sleep
lstrcatA
CompareStringA
CompareStringW
GetVersionExA
SetFilePointer
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
LockResource
LoadResource
SizeofResource
FindResourceA
CreateProcessA
GetSystemDefaultLCID
GlobalHandle
VerLanguageNameA
SetCurrentDirectoryA
WaitForSingleObject
GetSystemInfo
MulDiv
GetModuleFileNameA
IsValidCodePage
GetVersion
FlushFileBuffers
SetEndOfFile
LocalFree
FormatMessageA
GetDiskFreeSpaceA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
GetExitCodeProcess
GetCurrentProcess
GetCurrentThread
GetLocaleInfoA
UnhandledExceptionFilter
lstrlenA
GetACP
GetCPInfo
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
SetLastError
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
RaiseException
RtlUnwind
GetModuleHandleA
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
GetShortPathNameA
SearchPathA
FindFirstFileA
VirtualProtect
VirtualQuery
GetStdHandle
FindClose
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
CopyFileA
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
CreateThread
GetExitCodeThread
GetTickCount
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
GetFileAttributesA
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
lstrcpynA
lstrcpyA
CreateFileMappingA
MapViewOfFile
HeapCreate
UnmapViewOfFile
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetOEMCP

user32

GetParent
GetWindowTextLengthA
GetWindowTextA
MoveWindow
GetWindowPlacement
DrawIcon
DestroyIcon
GetDlgCtrlID
SetWindowTextA
FillRect
GetSysColor
GetSysColorBrush
EnableWindow
GetDlgItemTextA
GetWindow
SetCursor
UpdateWindow
GetClassInfoA
wvsprintfA
LoadStringA
IsDialogMessageA
GetWindowRect
GetSystemMetrics
SetRect
FindWindowA
IntersectRect
SubtractRect
CharPrevA
DestroyWindow
CreateDialogParamA
CharNextA
MessageBoxA
WaitForInputIdle
GetWindowLongA
BeginPaint
EndPaint
SetWindowLongA
GetClientRect
ClientToScreen
SetWindowPos
GetWindowDC
EndDialog
GetDlgItem
ShowWindow
DialogBoxParamA
GetDesktopWindow
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
DefWindowProcA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
ExitWindowsEx
SendDlgItemMessageA
IsWindow
CharLowerBuffA
SendMessageA

gdi32

GetTextExtentPoint32A
SetBkMode
SetTextColor
GetObjectA
CreateFontIndirectA
CreateSolidBrush
CreateCompatibleDC
SelectObject
CreateFontA
DeleteDC
DeleteObject
GetStockObject
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
SelectPalette
RealizePalette
CreateDIBitmap
BitBlt
TranslateCharsetInfo

advapi32

RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegEnumValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegSetValueExA

ole32

StringFromCLSID
CoTaskMemFree
CoCreateGuid
CoCreateInstance
GetRunningObjectTable
StgIsStorageFile
StgOpenStorage
CoUninitialize
CoInitialize
CreateItemMoniker

oleaut32

VariantChangeType
SysAllocString
SysAllocStringLen
SysStringLen
SysReAllocStringLen
SysFreeString
VariantClear

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SQLyog Enterprise v5.02 汉化版/下载说明.htm
.html .js polyglot
SQLyog Enterprise v5.02 汉化版/非常世纪资源网.url
.url

Sharing

General

Malware Config

Signatures

Files

5f112d8d2142e21eb504f432a5aa2e7a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winmm

comctl32

version

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 338KB

.rsrc Size: 4KB - Virtual size: 3KB

b03f60e9d8ed80669e10a0f3d1000f0c

Headers

File Characteristics

Imports

version

shell32

comctl32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 338KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 44KB - Virtual size: 40KB