5511826c357e52bb86c53072a85b10b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5511826c357e52bb86c53072a85b10b9_JaffaCakes118
Size

3.1MB
MD5

5511826c357e52bb86c53072a85b10b9
SHA1

89de0eb42405601dd48649d8387eb41e26e65fbf
SHA256

ffe277064b6164c5eaf82d299d7a7bcfb7c4ae321f79b02623fea79cdec89290
SHA512

8d4db52697d3a96aacb132a0466911bdec0dfe8610392d5869b398ff6f65c547a890014bf0609b153eed900992db582f78527c1e7e2f6acb924e481b62d3a74c
SSDEEP

98304:JpryLsC3B9ScL+zkD5+o3LLgeoZUlulmcQJBJnpbYQ89QAcANzkPY:zrO3BAbzk1pPgpUlcm5FstaAVkPY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ApWiFi 无线路由 1.0.1.6 绿色版/WiFi_Route.exe

Files

5511826c357e52bb86c53072a85b10b9_JaffaCakes118
.rar
ApWiFi 无线路由 1.0.1.6 绿色版/Styles/Codejock.cjstyles
.dll windows:4 windows x86 arch:x86

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bf
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

20/10/2008, 00:00

Not After

20/10/2010, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06
Signer

Actual PE Digest

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ApWiFi 无线路由 1.0.1.6 绿色版/WiFi_Route.exe
.exe windows:5 windows x86 arch:x86

85f3fbf85dc0c4760684b0aa7d82eb22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 kernel32

GlobalFree @

kernel32

GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetProcAddress
FreeLibrary
lstrcpyW
lstrlenW
IsDebuggerPresent
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
GetSystemTimeAsFileTime
CreateThread
ExitThread
GetStartupInfoW
EnumResourceTypesW
EnumResourceNamesW
LocalSize
GetExitCodeThread
TerminateThread
OpenProcess
LoadLibraryExW
LoadLibraryExA
UnhandledExceptionFilter
QueryPerformanceCounter
VirtualFree
GetLocalTime
CreateMutexW
GetLastError
CloseHandle
Sleep
GetVersion
GetTickCount
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleW
lstrcatW
GetSystemDefaultLangID
CreateEventW
ResetEvent
SetEvent
WaitForSingleObject
WideCharToMultiByte
lstrcmpiW
GetModuleFileNameW
DeleteFileW
TerminateProcess
lstrlenA
GetUserDefaultLCID
GetFileAttributesW
CreateDirectoryW
CreateFileW
WriteFile
GetComputerNameW
LocalAlloc
SetFileAttributesW
CopyFileW
MulDiv
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryW
GetFileSizeEx
SetErrorMode
GetFileTime
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedIncrement
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
SuspendThread
ResumeThread
SetThreadPriority
InterlockedDecrement
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
SetLastError
GlobalFree

user32

UnregisterClassW
GetMenuItemInfoW
InflateRect
GetSysColorBrush
CharUpperW
ReleaseCapture
SetCapture
KillTimer
SetWindowRgn
IsRectEmpty
SystemParametersInfoW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMessageW
TranslateMessage
ValidateRect
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
MoveWindow
IsDialogMessageW
GetDlgItemTextW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
EnableWindow
SendMessageW
GetSystemMetrics
SetWindowLongW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
ScrollWindow
CopyAcceleratorTableW
SetRect
InvalidateRgn
TranslateAcceleratorW
BringWindowToTop
SetRectEmpty
InsertMenuItemW
LoadAcceleratorsW
TrackPopupMenuEx
GetKeyState
ReuseDDElParam
UnpackDDElParam
CharNextW
WaitMessage
GetNextDlgGroupItem
MessageBeep
DestroyIcon
GetWindowLongW
SetWindowPos
GetParent
GetCursorPos
SetForegroundWindow
TrackPopupMenu
IsWindowVisible
GetAsyncKeyState
GetWindowRect
wsprintfW
RegisterWindowMessageW
PostMessageW
SetWindowTextW
IsMenu
DestroyMenu
CreatePopupMenu
AppendMenuW
ShowWindow
RedrawWindow
LoadIconW
LoadCursorW
CheckMenuItem
SetTimer
IsIconic
LookupIconIdFromDirectoryEx
LoadImageW
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
GetIconInfo
GetDoubleClickTime
DrawFocusRect
GetMenuDefaultItem
SetMenuDefaultItem
SetClassLongW
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
LoadMenuW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
DrawStateW
DrawIconEx
SendMessageTimeoutW
DrawMenuBar
DrawFrameControl
DrawEdge
RegisterClassA
DefMDIChildProcW
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DefFrameProcW
RegisterClipboardFormatW
PostThreadMessageW
GetSubMenu
EnableMenuItem
LoadBitmapW
DefFrameProcA
DefWindowProcA
CallWindowProcA
EnableScrollBar
EnumWindows
IsWindowUnicode
GetWindowLongA
SetWindowLongA
GetClientRect
DrawIcon
UpdateWindow
GetDlgItem
SetDlgItemTextW
GetClassNameW
EnumChildWindows
IsDlgButtonChecked
MapWindowPoints
PtInRect
SetCursor
InvalidateRect
GetSystemMenu

gdi32

GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
BitBlt
GetObjectType
CreatePen
GetViewportExtEx
CreateRectRgnIndirect
PatBlt
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CombineRgn
GetMapMode
GetRgnBox
CreateCompatibleBitmap
GetBkColor
GetTextColor
StretchDIBits
SelectPalette
GetWindowExtEx
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
GetObjectW
CreateSolidBrush
SetBkMode
GetDeviceCaps
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SaveDC
RestoreDC
OffsetRgn
GetTextCharsetInfo
StretchBlt
CreateDIBSection
SetBrushOrgEx
Polygon
CreatePalette
CreateDIBitmap
GetDIBits
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyW
RegQueryValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
StartServiceW
ChangeServiceConfigW
RegSetValueExW
RegDeleteValueW
EnumServicesStatusW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW

shell32

Shell_NotifyIconW
ShellExecuteExW
SHGetSpecialFolderPathW
DragFinish
ShellExecuteW
DragQueryFileW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_Destroy
FlatSB_GetScrollProp

shlwapi

StrStrIW
PathRemoveFileSpecW
PathStripPathW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitialize

oleaut32

SystemTimeToVariantTime
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
OleLoadPicturePath
VariantTimeToSystemTime

wlanapi

WlanEnumInterfaces
WlanDisconnect
WlanGetProfileList
WlanRegisterNotification
WlanConnect
WlanGetProfile
WlanSetProfile
WlanDeleteProfile
WlanOpenHandle
WlanCloseHandle
WlanFreeMemory

rpcrt4

RpcStringFreeW
UuidToStringW
UuidFromStringW

iphlpapi

GetUdpTable
GetIpForwardTable
GetAdaptersInfo
GetIfTable

rasapi32

RasGetProjectionInfoW
RasEnumConnectionsW

wsock32

WSAStartup
gethostbyaddr
ioctlsocket
inet_addr
htons

wininet

HttpQueryInfoW
InternetCloseHandle
InternetOpenUrlW
InternetGetConnectedState
InternetOpenW
InternetReadFile

snmpapi

SnmpUtilOidFree
SnmpUtilOidNCmp
SnmpUtilOidCpy

imagehlp

ImageDirectoryEntryToData

winmm

PlaySoundW
timeGetTime
waveOutGetNumDevs

Sections

.text
Size: 980KB - Virtual size: 980KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ApWiFi
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ApWiFi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.html
极速软件下载.url

Sharing

General

Malware Config

Signatures

Files

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bfCertificate

Extended Key Usages

Key Usages

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06Signer

Headers

File Characteristics

Sections

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 512B - Virtual size: 12B

85f3fbf85dc0c4760684b0aa7d82eb22

Headers

DLL Characteristics

File Characteristics

Imports

kernel32 kernel32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wlanapi

rpcrt4

iphlpapi

rasapi32

wsock32

wininet

snmpapi

imagehlp

winmm

Sections

.text Size: 980KB - Virtual size: 980KB

.ApWiFi Size: 3.0MB - Virtual size: 3.0MB

.idata Size: 24KB - Virtual size: 28KB

.rsrc Size: 11KB - Virtual size: 12KB

.ApWiFi Size: 4KB - Virtual size: 4KB

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bf
Certificate

57:4e:bd:e3:7f:c7:6c:a7:f5:63:44:0e:d1:1f:d8:eb:57:93:c6:06
Signer

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 980KB - Virtual size: 980KB

.ApWiFi
Size: 3.0MB - Virtual size: 3.0MB

.idata
Size: 24KB - Virtual size: 28KB

.rsrc
Size: 11KB - Virtual size: 12KB

.ApWiFi
Size: 4KB - Virtual size: 4KB