eec077a30374eacee088bd9619e65987_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eec077a30374eacee088bd9619e65987_JaffaCakes118
Size

664KB
MD5

eec077a30374eacee088bd9619e65987
SHA1

000e097462dbf811b7918573595157b3d30c87c9
SHA256

5b17e265a5fb13fbc666d40aa0b2d0a53dc6844b11670f0bb8fd15100d8f18ea
SHA512

0f18a394f4cc3b5cd23511b1590f2e381293601378b48fda13284d4c2217b48b2f257e1425969e5a4a004222b3207d9666aa149f1db44ea194db5bd0fecc9d8c
SSDEEP

12288:XjC/65/meS9kOdG9c/Jf/zwJ/yF3cDmbwSi3pvd0fc7DkMeJs3IzKvSD8MmVX:XjC/oUD0cJ/z+yF3cDmbw5vuYDkMeJLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/52zsoftdown/52zsoftdown_111886.exe

Files

eec077a30374eacee088bd9619e65987_JaffaCakes118
.rar
52zsoftdown/52zsoftdown_111886.exe
.exe windows:4 windows x86 arch:x86

97ae2632f1459836cc8808855f26b3b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\GameMGR\bin\win32\release\tool\GMSoftDownload.pdb

Imports

comctl32

_TrackMouseEvent

msimg32

AlphaBlend

riched20

ord4

shell32

SHGetSpecialFolderPathW
ShellExecuteW
Shell_NotifyIconW
SHGetFolderPathW

wininet

HttpQueryInfoW
InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCloseHandle
InternetSetOptionW

kernel32

GetCurrentDirectoryW
GetCurrentProcess
CreateDirectoryW
GetFileType
FindNextFileW
FindClose
FindFirstFileW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemInfo
GetVersionExW
GetSystemDirectoryW
lstrcatW
GetCurrentThreadId
ResumeThread
DeviceIoControl
GetLongPathNameW
GetTempFileNameW
SetCurrentDirectoryW
GetTempPathW
SetPriorityClass
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
MulDiv
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
ExitProcess
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
CreateThread
ExitThread
RtlUnwind
GetStartupInfoW
GetProcessHeap
GetVersionExA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
SetEvent
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
lstrcpynW
Sleep
GetTickCount
CreateProcessW
ResetEvent
WaitForSingleObject
lstrcpyW
OutputDebugStringW
SetStdHandle
GetModuleFileNameW
CreateEventW
GetLastError
GetCommandLineW
MultiByteToWideChar
CreateFileW
ReadFile
lstrlenW
CloseHandle
lstrlenA
GetPrivateProfileStringW
GetPrivateProfileIntW
SetEndOfFile
SetFilePointer
GetFileSize
DeleteFileW
WritePrivateProfileStringW
WriteFile
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
QueryPerformanceCounter

user32

OffsetRect
DrawIconEx
CopyImage
FillRect
CharPrevW
DrawTextW
IntersectRect
IsRectEmpty
SetCursor
DrawFocusRect
SetPropW
GetPropW
LoadCursorW
RegisterClassExW
CallWindowProcW
RegisterClassW
SetCaretPos
LoadImageW
DestroyIcon
GetClassInfoExW
GetCursorPos
GetFocus
CreateCaret
ClientToScreen
GetSysColor
CharNextA
RedrawWindow
MoveWindow
GetAsyncKeyState
IsWindow
InvalidateRect
GetMessageW
SetFocus
GetMonitorInfoW
CreateWindowExW
ShowCaret
EnableWindow
HideCaret
CreateAcceleratorTableW
EndPaint
PtInRect
ReleaseCapture
IsChild
DestroyWindow
SetCapture
DispatchMessageW
PostMessageW
ReleaseDC
TranslateAcceleratorW
UpdateLayeredWindow
MonitorFromWindow
SetWindowRgn
GetUpdateRect
GetKeyState
GetDC
TranslateMessage
LoadBitmapW
SystemParametersInfoW
IsIconic
GetClientRect
IsZoomed
SetForegroundWindow
GetWindowTextLengthW
GetWindowRect
GetWindow
MapWindowPoints
SetWindowTextW
GetWindowTextW
LoadStringW
GetParent
GetSystemMetrics
SetWindowLongW
SetWindowPos
GetWindowLongW
ShowWindow
PostQuitMessage
SendMessageW
SetTimer
KillTimer
LoadIconW
ScreenToClient
MessageBoxW
CharNextW
wsprintfA
wsprintfW
InvalidateRgn
DestroyAcceleratorTable
BeginPaint
DefWindowProcW

gdi32

SelectClipRgn
GetCharABCWidthsW
SetBkColor
SetBkMode
StretchBlt
GetTextExtentPoint32W
TextOutW
ExtSelectClipRgn
SetStretchBltMode
ExtTextOutW
SetBitmapBits
CreateSolidBrush
GetClipBox
GetBitmapBits
GetDeviceCaps
CreateCompatibleBitmap
SetTextColor
CreateCompatibleDC
CreateRectRgnIndirect
DeleteDC
CreateDIBSection
DeleteObject
GetObjectW
GetStockObject
SelectObject
BitBlt
CreatePen
CreateEllipticRgn
Rectangle
GetTextMetricsW
CreateRectRgn
CombineRgn
CreateRoundRectRgn
RoundRect
CreateFontIndirectW

advapi32

RegEnumKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

ole32

OleLockRunning
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoCreateInstance

oleaut32

OleLoadPicture
SysFreeString
SysAllocString

shlwapi

StrStrIW
StrStrIA

Sections

.text
Size: 788KB - Virtual size: 786KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
52zsoftdown/使用说明.txt
52zsoftdown/绿软基地.url
.url

Sharing

General

Malware Config

Signatures

Files

97ae2632f1459836cc8808855f26b3b1

Headers

File Characteristics

PDB Paths

Imports

comctl32

msimg32

riched20

shell32

wininet

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 788KB - Virtual size: 786KB

.rdata Size: 152KB - Virtual size: 151KB

.data Size: 16KB - Virtual size: 23KB

.tls Size: 4KB - Virtual size: 9B

.rsrc Size: 344KB - Virtual size: 342KB

.text
Size: 788KB - Virtual size: 786KB

.rdata
Size: 152KB - Virtual size: 151KB

.data
Size: 16KB - Virtual size: 23KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 344KB - Virtual size: 342KB