8f3aeaf0d8b50ac8d6775c27fa33c19a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8f3aeaf0d8b50ac8d6775c27fa33c19a_JaffaCakes118
Size

757KB
MD5

8f3aeaf0d8b50ac8d6775c27fa33c19a
SHA1

5a3e77bb69ced0c0a5758a24495c394b6aeb94d5
SHA256

9ca81fd87538986f3fc97bbc5abe5b8c27f6d618bb9733cfc594a508e945d290
SHA512

6f032b8254b13b565b4225f3eb9d84ca3e486e3aff5416624c6eb4271f148170089d32c6c83be98f9578afaa2aa6354e8b7d1c3868afc7d65e484ea3f56f1c55
SSDEEP

12288:sX4u0ksN3TQQQxBC64GjaRjLecXjnAoxiyDOuv8UWIfA9jozwcZlZFZb8:sXg/3TQhxBC63+znAmZlv8WAuXjI

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/LingvoSoft.Talking.Dictionary.2007.Spanish.German.v4.0.22.WinALL-CHiCNCREAM/lingvosoft.dictionary.2007-patch.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/LingvoSoft.Talking.Dictionary.2007.Spanish.German.v4.0.22.WinALL-CHiCNCREAM/LD2007.exe
unpack001/LingvoSoft.Talking.Dictionary.2007.Spanish.German.v4.0.22.WinALL-CHiCNCREAM/lingvosoft.dictionary.2007-patch.exe
unpack002/out.upx

Files

8f3aeaf0d8b50ac8d6775c27fa33c19a_JaffaCakes118
.zip
LingvoSoft.Talking.Dictionary.2007.Spanish.German.v4.0.22.WinALL-CHiCNCREAM/LD2007.exe
.exe windows:4 windows x86 arch:x86

b5107f60f853338986bbd767297a89c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Work\C++\Ld2007\Release\LD2007.pdb

Imports

kernel32

GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
IsBadWritePtr
SetUnhandledExceptionFilter
HeapSize
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CreateFileA
CompareStringA
SetEnvironmentVariableA
TerminateProcess
GetFileType
SetStdHandle
InterlockedExchange
HeapReAlloc
VirtualQuery
GetSystemInfo
HeapAlloc
FindNextFileA
FindFirstFileA
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
ExitProcess
GetStartupInfoW
GetTickCount
SetErrorMode
FindResourceExW
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
InterlockedIncrement
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
lstrcmpA
VirtualProtect
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
lstrcatW
GetVersionExA
SetLastError
GlobalFree
MulDiv
lstrcpyW
FormatMessageW
LoadLibraryA
LocalFree
CompareStringW
VirtualAlloc
VirtualFree
CreateThread
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersion
CreateProcessW
Sleep
lstrcmpW
GetLocalTime
SystemTimeToFileTime
GetCurrentDirectoryW
WriteFile
GlobalAlloc
GlobalLock
GlobalUnlock
CreateMutexW
ReleaseMutex
GetModuleHandleW
SetCurrentDirectoryW
FindFirstFileW
CreateFileW
ReadFile
CloseHandle
GetModuleFileNameW
CreateDirectoryW
GetLastError
lstrcpynW
GetPrivateProfileSectionW
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedDecrement
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP

user32

ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
TranslateAcceleratorW
CharUpperW
MapDialogRect
DestroyMenu
GetMessageW
ValidateRect
EndPaint
BeginPaint
GetWindowDC
GetDC
GrayStringW
DrawTextExW
TabbedTextOutW
SetMenuItemBitmaps
EnableMenuItem
GetMenuCheckMarkDimensions
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
WinHelpW
GetCapture
CallNextHookEx
GetClassInfoExW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
TrackPopupMenuEx
TrackPopupMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassW
CallWindowProcW
SetWindowPos
UnpackDDElParam
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuState
GetMenuStringW
RegisterWindowMessageW
DrawTextW
LoadBitmapW
GetSysColorBrush
BeginDeferWindowPos
EndDeferWindowPos
GetClassLongW
GetDCEx
ReleaseDC
IsRectEmpty
PeekMessageW
TranslateMessage
DispatchMessageW
GetMessagePos
MapWindowPoints
CheckMenuItem
EmptyClipboard
SetClipboardData
SetLayeredWindowAttributes
LoadKeyboardLayoutW
ActivateKeyboardLayout
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
OpenClipboard
SetMenu
GetMenu
LoadMenuW
DeleteMenu
FindWindowW
ShowWindow
CreateWindowExW
SetWindowLongW
DestroyIcon
UnhookWindowsHookEx
SetWindowsHookExW
GetAsyncKeyState
GetForegroundWindow
ModifyMenuW
GetSubMenu
GetMenuItemInfoW
GetMenuItemID
PostQuitMessage
ShowOwnedPopups
SetParent
GetSystemMenu
CopyAcceleratorTableW
InvalidateRgn
CharNextW
GetMenuItemCount
GetDialogBaseUnits
RedrawWindow
LockWindowUpdate
SetRectEmpty
GetWindow
IsChild
SetCursor
ShowScrollBar
SetRect
ReleaseCapture
WindowFromPoint
SetCapture
ClientToScreen
UnionRect
MessageBoxW
wsprintfW
UpdateWindow
FrameRect
SetForegroundWindow
AppendMenuW
CreatePopupMenu
LoadImageW
LoadIconW
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
RegisterClipboardFormatW
IntersectRect
SetWindowContextHelpId
IsWindowVisible
BringWindowToTop
FillRect
OffsetRect
GetDoubleClickTime
GetWindowLongW
GetSysColor
SystemParametersInfoW
GetCursorPos
GetSystemMetrics
GetClassInfoW
DefWindowProcW
LoadCursorW
GetParent
GetDesktopWindow
GetFocus
KillTimer
SetTimer
ScreenToClient
GetClientRect
GetWindowRect
DrawFrameControl
CopyRect
InflateRect
PtInRect
SendMessageW
PostMessageW
EnableWindow
UnregisterClassW
GetKeyState
InvalidateRect
GetDlgCtrlID

gdi32

GetTextColor
SelectClipRgn
DeleteObject
GetRgnBox
IntersectClipRect
ExcludeClipRect
SetMapMode
GetBkColor
GetCharWidthW
StretchDIBits
GetMapMode
CombineRgn
SetRectRgn
CreatePen
CreateRectRgn
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateFontW
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
SetBkMode
ExtTextOutW
BitBlt
PatBlt
GetTextMetricsW
CreateICW
GetDeviceCaps
EnumFontFamiliesExW
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32W
CreateSolidBrush
CreateRectRgnIndirect
Rectangle
SelectObject
GetObjectW
CreateFontIndirectW

comdlg32

GetOpenFileNameW
GetFileTitleW
ChooseColorW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegDeleteValueW
RegCreateKeyExW

shell32

SHGetFolderPathW
Shell_NotifyIconW
DragFinish
DragQueryFileW
ShellExecuteW

comctl32

ImageList_GetImageInfo
ImageList_Draw
ord17
ImageList_LoadImageW
ImageList_Destroy
ImageList_Create
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_AddMasked

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
StrCpyNW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CLSIDFromString
StgOpenStorageOnILockBytes
CoTaskMemFree
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard

oleaut32

SysFreeString
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
LoadRegTypeLi
DispCallFunc
VariantCopy
VariantInit
VariantClear
SysAllocStringLen
SysAllocString
VariantChangeType

Sections

.text
Size: 616KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 476KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LingvoSoft.Talking.Dictionary.2007.Spanish.German.v4.0.22.WinALL-CHiCNCREAM/chic.nfo
LingvoSoft.Talking.Dictionary.2007.Spanish.German.v4.0.22.WinALL-CHiCNCREAM/file_id.diz
LingvoSoft.Talking.Dictionary.2007.Spanish.German.v4.0.22.WinALL-CHiCNCREAM/lingvosoft.dictionary.2007-patch.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
keygen.nfo

Sharing

General

Malware Config

Signatures

Files

b5107f60f853338986bbd767297a89c7

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 616KB - Virtual size: 612KB

.rdata Size: 324KB - Virtual size: 323KB

.data Size: 92KB - Virtual size: 107KB

.rsrc Size: 476KB - Virtual size: 474KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 84KB

UPX1 Size: 81KB - Virtual size: 84KB

.rsrc Size: 4KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 139KB - Virtual size: 138KB

.text
Size: 616KB - Virtual size: 612KB

.rdata
Size: 324KB - Virtual size: 323KB

.data
Size: 92KB - Virtual size: 107KB

.rsrc
Size: 476KB - Virtual size: 474KB

UPX0
Size: - Virtual size: 84KB

UPX1
Size: 81KB - Virtual size: 84KB

.rsrc
Size: 4KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 139KB - Virtual size: 138KB