4404b5bea14dd165246fb61cd8d11466_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4404b5bea14dd165246fb61cd8d11466_JaffaCakes118
Size

79KB
MD5

4404b5bea14dd165246fb61cd8d11466
SHA1

8d442b144daafa02b3b7b47017ff787bc9414d23
SHA256

c4323b8f26de36fa31e04b67b2292f360950f76277c40fc9cfa2d75bdd128aaf
SHA512

fbd67e3af4aecf64bd75c88e8fe81ff155321dc20198cd65390ad9da4bc41961ac611d5e5ca1dbcbeddaa8ce2ce24f45a8a102afb916149aa3ff3a504a16666e
SSDEEP

1536:CzyF+GiVOut0TTuwiQyAeWhzkuvzAcM5yxqQHxOT/Dh6V9RR7V:KyF+WuJWZkAM5yda/Dh6V9RRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack001/keygen.exe

Files

4404b5bea14dd165246fb61cd8d11466_JaffaCakes118
.rar
ReadMe.txt
SCCPUSpy.INA
Setup.exe
.exe windows:4 windows x86 arch:x86

2151d35ebab59b952794fd9c4e11f021

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

IsDlgButtonChecked
GetDlgItemTextA
EndDialog
GetDlgItem
wsprintfA
SetDlgItemTextA
SendDlgItemMessageA
ShowWindow
CheckDlgButton
EnableWindow
DialogBoxParamA

kernel32

GlobalAlloc
MultiByteToWideChar
ReadFile
FindClose
GetCommandLineA
lstrcpyA
lstrcmpA
WritePrivateProfileStringA
WriteFile
Sleep
SetFilePointer
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
SearchPathA
FindFirstFileA
FindNextFileA
GetFileSize
GetModuleHandleA
GetProcessHeap
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
SetEndOfFile
HeapAlloc
HeapFree
MoveFileExA
RemoveDirectoryA

shell32

SHGetDesktopFolder
SHGetFileInfoA
SHGetInstanceExplorer
ShellExecuteA
SHLoadInProc
SHAddToRecentDocs
SHBrowseForFolderA
SHChangeNotify
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetMalloc
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dReg.dat
keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
piaodown.com.txt
使用说明.htm
.html

Sharing

General

Malware Config

Signatures

Files

2151d35ebab59b952794fd9c4e11f021

Headers

File Characteristics

Imports

advapi32

user32

kernel32

shell32

ole32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 19KB

.rsrc Size: 6KB - Virtual size: 5KB

Headers

File Characteristics

Sections

Size: - Virtual size: 116KB

Size: 31KB - Virtual size: 32KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 19KB

.rsrc
Size: 6KB - Virtual size: 5KB