042b16a26fcffc35b893375551149cc5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

042b16a26fcffc35b893375551149cc5_JaffaCakes118
Size

689KB
MD5

042b16a26fcffc35b893375551149cc5
SHA1

fd11f0a6c19586017bec50e01f28dfc012641680
SHA256

b61876df19768d1a42749d8b0159350f118895d1f6ccf7f3c3a4be858ee987e5
SHA512

37efb2cd60015dbc504e6d1c87a33043b9cba522bdf900157f056666b1e0a4e7f65c1225e681d5e34e5e6a5a380ae455998b6f5037493e3abdf01081596b9ab2
SSDEEP

12288:+EEpxKHTPMLjde4EyCY3ftCFs1dxUWjG3kjcXAANpjUC3SzvJsae90XAkk:v1H7MXd7maH9UWyecXAAzjUuSzTeuXA9

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/makedisk.exe

Files

042b16a26fcffc35b893375551149cc5_JaffaCakes118
.rar
BOOTITNG.EXE
BOOTITNG.PIF
DISKIMG3.DAT
EMBR.ZIP
.zip
EMBR.EXE
EMBR.TXT
FILE_ID.DIZ
MAKEDISK.CFG
ORDER.TXT
Purchase BootIt NG.url
VENDINFO.DIZ
bootitng.pdf
.pdf
- http://BootItNG.zip
- http://MakeDisk.zip
- http://command.com
- http://graphics.zip
- http://ibmdos.com
- http://ntdetect.com
- http://terabyteunlimited.com
- http://terabyteunlimited.com/utilities.html#makedisk
- http://www.TeraByteUnlimited.com
- http://www.asp-shareware.com/omb
- http://www.terabyteunlimited.com
- http://www.terabyteunlimited.com/examples.html
- http://www.terabyteunlimited.com/kb/
- http://www.terabyteunlimited.com/kb/,
- http://www.terabyteunlimited.com/purchase.html
- http://www.terabyteunlimited.com/utilities.html#makedisk
- Show all
deploy.txt
graphics.zip
.zip
BINGPSP.PAL
readme.txt
license.txt
makedisk.exe
.exe windows:4 windows x86 arch:x86

f1db3f3ef2631b9c46c74da14a2cf643

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ImageList_Destroy
ord17
ImageList_ReplaceIcon

kernel32

LoadLibraryA
GetVersionExA
GetFileAttributesA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
GetDriveTypeA
QueryDosDeviceA
GetLogicalDrives
GetProcAddress
WideCharToMultiByte
SetErrorMode
lstrlenA
WriteFile
ReadFile
SetFilePointer
WaitForSingleObject
CreateEventA
GetModuleFileNameA
LocalUnlock
MultiByteToWideChar
LocalFree
LocalLock
LocalAlloc
VirtualUnlock
VirtualLock
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
VirtualAlloc
CreateFileA
GetStringTypeW
GetStringTypeA
HeapSize
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
HeapDestroy
DeleteCriticalSection
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
InterlockedDecrement
GetCurrentThreadId
SetEndOfFile
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
Sleep
DeviceIoControl
CloseHandle
VirtualFree
GetModuleHandleA
FreeLibrary
SearchPathA
GetLastError
GetPrivateProfileStringA
GetLocaleInfoA
RtlUnwind
ExitThread
ResumeThread
CreateThread
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsGetValue

user32

OemToCharA
SystemParametersInfoA
GetDesktopWindow
MessageBeep
DrawTextA
GetDialogBaseUnits
DialogBoxIndirectParamA
EndDialog
IsWindow
WinHelpA
CheckDlgButton
GetSystemMenu
EnableMenuItem
SetWindowLongA
BeginPaint
DrawIcon
EndPaint
FindWindowA
IsIconic
SetForegroundWindow
GetMessageA
DispatchMessageA
IsDialogMessageA
TranslateMessage
LoadCursorA
RegisterClassA
CreateDialogParamA
DestroyWindow
PostQuitMessage
PostMessageA
RegisterWindowMessageA
DefDlgProcA
KillTimer
InvalidateRect
SetTimer
SetFocus
ScreenToClient
LoadIconA
EnableWindow
wsprintfA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemTextA
ShowWindow
LoadStringA
SetDlgItemTextA
SendMessageA
GetWindowRect
GetDlgItem
SetWindowPos
MessageBoxA
GetSystemMetrics

gdi32

SelectObject
DeleteDC
GetStockObject
GetObjectA
CreateFontIndirectA
DeleteObject
CreateDCA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pad_file.htm
pad_file.xml
.xml
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

f1db3f3ef2631b9c46c74da14a2cf643

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 160KB - Virtual size: 157KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 160KB - Virtual size: 157KB