PDB path: E:\吴玲玉\代码文件\微端制作\2、游戏微端\M 魔法王座\Release\MfwzR.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 172899e62d0331bb1ec9fcb4aa369476_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 172899e62d0331bb1ec9fcb4aa369476_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 172899e62d0331bb1ec9fcb4aa369476_JaffaCakes118
Size: 2.5MB
MD5: 172899e62d0331bb1ec9fcb4aa369476
SHA1: 693d785158a9e867e31cc0b33c0124bf2bf67afe
SHA256: f5773e3b4f75a2f4b47f6335b9c115e5f5fcc0afa6e58a63a7a5aa6366237dc0
SHA512: 2350f2f4efa4379cb0a7837617b3d0d0a583f12165f479149616d46e207963380dc55c5b2e432ff9563f51f8ac8c88de4f99ba6ab2cef9db040cff81e31cc85a
SSDEEP: 49152:iw63Ea615lBOtrEkaT+XDnlIq/Wnlm3YZXrX1cHT7rGhYYKAS5ASVK:Y7615ErfaTj0lOXrSHTOYYKAS5ASQ
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 172899e62d0331bb1ec9fcb4aa369476_JaffaCakes118
Files
-
172899e62d0331bb1ec9fcb4aa369476_JaffaCakes118.exe windows:5 windows x86 arch:x86
28c51dae9afee055343a14f43facb091
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
LocalAlloc
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetFileSizeEx
GetFileTime
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetFileType
GetCurrentThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FileTimeToLocalFileTime
LCMapStringA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
LocalFree
GlobalFree
GetModuleHandleA
GetCurrentProcessId
ResumeThread
WaitForMultipleObjects
ExitThread
CreateSemaphoreW
ReleaseSemaphore
SetEvent
DeleteCriticalSection
lstrcmpiW
lstrcmpW
MulDiv
InitializeCriticalSection
LoadLibraryExW
GetShortPathNameW
FileTimeToSystemTime
UnmapViewOfFile
GetFileSize
lstrlenW
FreeResource
WriteProcessMemory
GetLocaleInfoA
IsWow64Process
VirtualAllocEx
GlobalUnlock
TerminateProcess
GetVersionExW
ReadProcessMemory
VirtualFreeEx
GlobalAlloc
GlobalLock
LocalFileTimeToFileTime
GetCurrentDirectoryW
ReadFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
CreatePipe
CreateEventW
ResetEvent
GetStdHandle
CreateProcessW
GetModuleHandleW
CreateThread
InterlockedCompareExchange
IsProcessorFeaturePresent
SetFileAttributesW
CreateToolhelp32Snapshot
FindNextFileW
Process32NextW
SetProcessWorkingSetSize
RemoveDirectoryW
Process32FirstW
FindClose
GetFileAttributesW
OpenProcess
WaitForSingleObject
FindFirstFileW
GetProcAddress
GetTickCount
lstrlenA
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntW
GetCurrentThreadId
EnterCriticalSection
SetLastError
RaiseException
FlushInstructionCache
LeaveCriticalSection
GetCurrentProcess
WideCharToMultiByte
DeleteFileW
CloseHandle
GetLastError
WritePrivateProfileStringW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
CopyFileW
Sleep
LoadLibraryW
WriteFile
GetPrivateProfileStringW
CreateDirectoryW
SetUnhandledExceptionFilter
FreeLibrary
CreateMutexW
GetCommandLineW
ExitProcess
LockResource
SizeofResource
LoadResource
GetModuleFileNameA
FindResourceW
user32
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
GetMenu
OffsetRect
SystemParametersInfoA
MapVirtualKeyW
GetKeyNameTextW
GetMenuItemID
GetMenuItemCount
IntersectRect
GetActiveWindow
MapDialogRect
CreateDialogIndirectParamW
WindowFromPoint
EndDialog
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetLastActivePopup
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
EndPaint
ClientToScreen
GetWindowTextLengthW
DestroyAcceleratorTable
CharNextW
RegisterWindowMessageW
FillRect
IsChild
SetCapture
UnregisterClassW
GetFocus
GetParent
InvalidateRgn
CreateAcceleratorTableW
SetFocus
BeginPaint
InflateRect
GetWindowTextW
GetDlgItem
RedrawWindow
GetSysColor
GetWindowPlacement
SetWindowTextW
GetDesktopWindow
FindWindowExW
GetWindowThreadProcessId
wsprintfW
ScreenToClient
GetClientRect
SystemParametersInfoW
CopyRect
SetWindowRgn
SetRectEmpty
TranslateMessage
PeekMessageW
DispatchMessageW
SetCursor
UpdateLayeredWindow
SetWindowContextHelpId
IsIconic
LoadImageW
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
CopyAcceleratorTableW
SetActiveWindow
GetSysColorBrush
KillTimer
GetSubMenu
SetForegroundWindow
GetDC
LoadIconW
CharUpperW
RegisterClipboardFormatW
GetMessageW
GetNextDlgTabItem
ValidateRect
SetRect
LoadMenuW
ReleaseDC
MessageBoxW
GetSystemMetrics
IsWindowVisible
CheckMenuItem
MoveWindow
PostMessageW
SetParent
SetTimer
GetWindowRect
MonitorFromPoint
TrackPopupMenu
LoadCursorW
GetClassInfoExW
RegisterClassExW
AppendMenuW
GetClassNameW
SetWindowPos
GetCursorPos
CreatePopupMenu
CreateWindowExW
EqualRect
ReleaseCapture
DestroyMenu
GetMonitorInfoW
GetWindow
DestroyWindow
PostQuitMessage
GetWindowLongW
SetWindowLongW
ShowWindow
IsWindow
UpdateWindow
CallWindowProcW
DefWindowProcW
PtInRect
InvalidateRect
SendMessageW
EnableWindow
UnregisterHotKey
RegisterHotKey
IsWindowEnabled
UnregisterClassA
gdi32
RectVisible
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
DPtoLP
CreateCompatibleBitmap
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
GetObjectW
GetStockObject
CreateSolidBrush
CreateRoundRectRgn
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
BitBlt
CreateCompatibleDC
TextOutW
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegCloseKey
shell32
CommandLineToArgvW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
comctl32
_TrackMouseEvent
shlwapi
PathFileExistsW
PathRenameExtensionW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
CoTaskMemRealloc
OleLockRunning
CoFreeUnusedLibraries
CoTaskMemFree
CLSIDFromProgID
CoInitialize
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
OleUninitialize
OleInitialize
StringFromGUID2
CLSIDFromString
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
SysStringLen
LoadTypeLi
OleCreateFontIndirect
VarUI4FromStr
LoadRegTypeLi
VariantChangeType
VariantCopy
wininet
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetCrackUrlW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetOpenW
InternetReadFile
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
InternetCloseHandle
InternetCanonicalizeUrlW
InternetQueryDataAvailable
gdiplus
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStream
GdipDeleteBrush
GdipFree
GdipCloneBrush
GdipDrawImageRectRectI
GdipSetTextRenderingHint
GdipDeleteFont
GdipDeleteGraphics
GdipDeleteFontFamily
GdipCreateSolidFill
GdipAlloc
GdipCreateFont
GdipDrawString
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipCreateStringFormat
GdipDeleteStringFormat
GdiplusShutdown
GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipReleaseDC
GdipDeletePen
GdipFillRectangle
GdipDrawLineI
GdipDrawImageRectI
GdipDrawImageRectRect
GdipCreatePen1
psapi
EmptyWorkingSet
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
GetModuleBaseNameW
snmpapi
SnmpUtilOidCpy
SnmpUtilVarBindFree
SnmpUtilOidNCmp
sensapi
IsNetworkAlive
ws2_32
WSAGetLastError
htons
recv
socket
__WSAFDIsSet
select
gethostbyname
send
connect
WSAStartup
closesocket
Sections
.text Size: 441KB - Virtual size: 440KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ