ff207a4b3ca5911d307f58b775dcb980_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff207a4b3ca5911d307f58b775dcb980_JaffaCakes118
Size

276KB
MD5

ff207a4b3ca5911d307f58b775dcb980
SHA1

4b032b9ecb7c8ab48da30dd2edacd38094dcb558
SHA256

08c65d5d34d44820b4aebf0326914cf22cd45c486741a525f1cd72c2c1078cfd
SHA512

fb4e30cecba307a20ba47138567094e2fac3008f3324ce79859fd7a194680acfda0f1909acb6a950393f6c1c13188e4674350df163b5e0819d7ca628f7df127e
SSDEEP

6144:URTvT8AccgreU0pjHXLl3wNrWEzhrgp24KS7PxMDkz:IT78WgSU0Rp3wNrWKhrx4KS7xn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/coolplayer.exe

Files

ff207a4b3ca5911d307f58b775dcb980_JaffaCakes118
.rar
coolplayer.exe
.exe windows:4 windows x86 arch:x86

490e6f7131d2a175bd950633a219e13c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\MyProjects\coolcvs\Main\Release\coolplayer.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_LoadImageA
ImageList_Destroy

winmm

mixerOpen
waveOutOpen
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
mixerGetControlDetailsA
waveOutGetNumDevs
waveOutWrite
waveOutPause
waveOutRestart
waveOutReset
waveOutSetVolume
waveOutUnprepareHeader
waveOutPrepareHeader
timeKillEvent
timeSetEvent
mixerGetDevCapsA
waveOutClose
mixerSetControlDetails

dsound

ord1

kernel32

lstrcatA
FindFirstFileA
GetProcAddress
EnterCriticalSection
FindClose
LoadLibraryA
FindNextFileA
GetModuleHandleA
DeleteCriticalSection
lstrcpyA
lstrcmpiA
GetCurrentThread
SetThreadPriority
VirtualFree
VirtualAlloc
Sleep
GetFileSize
FindResourceA
UnmapViewOfFile
LoadResource
SizeofResource
LockResource
lstrcmpA
WriteFile
GetPrivateProfileIntA
GetPrivateProfileStringA
GetCurrentThreadId
SetEndOfFile
MoveFileA
DeleteFileA
MultiByteToWideChar
GetTickCount
GetFileAttributesA
GetLastError
GetModuleFileNameA
CreateMutexA
ExpandEnvironmentStringsA
WritePrivateProfileStringA
GetDriveTypeA
GetPrivateProfileSectionA
LocalAlloc
LeaveCriticalSection
RaiseException
SetStdHandle
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
RtlUnwind
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStdHandle
HeapCreate
HeapDestroy
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
GetFullPathNameA
HeapReAlloc
ExitThread
HeapAlloc
HeapFree
InitializeCriticalSection
SetEvent
FreeLibrary
lstrlenA
ReadFile
SetFilePointer
CreateFileA
CreateThread
CloseHandle
CreateEventA
TerminateThread
WaitForSingleObject
lstrcpynA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetCurrentDirectoryA
HeapSize
InterlockedExchange

user32

GetMenuState
DestroyIcon
CreateIconIndirect
GetForegroundWindow
TranslateMessage
CheckMenuRadioItem
BringWindowToTop
RedrawWindow
GetDesktopWindow
GetMenuStringA
GetMenuItemCount
RemoveMenu
DispatchMessageA
EqualRect
FindWindowA
RegisterHotKey
SetForegroundWindow
GetDlgItem
EndDialog
GetDlgItemInt
DialogBoxParamA
SetDlgItemTextA
GetClassNameA
InflateRect
TrackPopupMenuEx
SetWindowsHookExA
SetMenuDefaultItem
UnhookWindowsHookEx
UpdateWindow
CheckMenuItem
MoveWindow
SetWindowRgn
LoadIconA
PostThreadMessageA
SendDlgItemMessageA
SetTimer
GetClientRect
UnregisterClassA
EndPaint
ClientToScreen
SetCursor
SetDlgItemInt
GetDlgItemTextA
InsertMenuItemA
PostQuitMessage
GetSubMenu
LoadMenuA
SetWindowTextA
IsDialogMessageA
DestroyWindow
PostMessageA
PeekMessageA
WaitMessage
ScreenToClient
TrackPopupMenu
SetCapture
KillTimer
GetParent
BeginPaint
PtInRect
GetAsyncKeyState
SetRect
SetWindowLongA
IntersectRect
CreateWindowExA
DefWindowProcA
GetCursorPos
CreatePopupMenu
AppendMenuA
SystemParametersInfoA
ReleaseCapture
DestroyMenu
LoadCursorA
RegisterClassA
CreateDialogParamA
IsZoomed
InvalidateRect
ShowWindow
SetFocus
SendMessageA
SetWindowPos
GetMessageA
wsprintfA
MessageBoxA
DrawTextA
LoadBitmapA
GetDC
OffsetRect
ReleaseDC
LoadImageA
GetWindowLongA
MsgWaitForMultipleObjects
CallNextHookEx

gdi32

BitBlt
SetBkMode
SetTextColor
CreateFontA
GetStockObject
IntersectClipRect
DeleteDC
GetTextExtentPointA
SelectObject
SelectClipRgn
CreateBitmap
ExcludeClipRect
ExtCreateRegion
SetBkColor
GetClipBox
GetDIBits
CreateSolidBrush
CreatePen
SelectPalette
RealizePalette
Rectangle
CreateHalftonePalette
CreateCompatibleDC
CreateCompatibleBitmap
SetDIBits
GetObjectA
CreateRectRgn
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
DragFinish
DragQueryFileA
Shell_NotifyIconA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

490e6f7131d2a175bd950633a219e13c

Headers

File Characteristics

PDB Paths

Imports

comctl32

winmm

dsound

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 72KB - Virtual size: 84KB

.rsrc Size: 112KB - Virtual size: 111KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 72KB - Virtual size: 84KB

.rsrc
Size: 112KB - Virtual size: 111KB