1c19a0df5abe6a6b978e23c32c7b5a54_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c19a0df5abe6a6b978e23c32c7b5a54_JaffaCakes118
Size

8.3MB
MD5

1c19a0df5abe6a6b978e23c32c7b5a54
SHA1

9e6ca5b853f5f6771939bdf7b3d4493c0ae2a8f4
SHA256

31307fd48576c3d1a61fbc70e6f7a63d39d903dea4b1a8d47089ad15ce3632a6
SHA512

d92cfac8410f9d0d69989b9806c653758cc52ab83c6c0649533319c46e794cdcec024bcc73e6c72bc62ded3fe8b33434b8235c783d2e34aebe0541895a427b31
SSDEEP

196608:i4XXRWPLSYA9QL0ev7+fuM+lA8oHpD8l3QNE/aNd:i40G1QL08+GvlA8o2l3p/Md

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Bypass-Tools/CGWebInstall2.exe
unpack001/Bypass-Tools/GPass-4.1.02.exe
unpack001/Bypass-Tools/U952.exe
unpack001/Bypass-Tools/fg679p2.exe

Files

1c19a0df5abe6a6b978e23c32c7b5a54_JaffaCakes118
.rar
Bypass-Tools/Bonus/Mercedes_Benz_SLS_3_by_husseindesign.jpg
.jpg
Bypass-Tools/Bonus/PaintedCars (11).jpg
.jpg
Bypass-Tools/Bonus/PaintedCars (12).jpg
.jpg
Bypass-Tools/Bonus/PaintedCars (14).jpg
.jpg
Bypass-Tools/Bonus/PaintedCars (30).jpg
.jpg
Bypass-Tools/Bonus/PaintedCars (33).jpg
.jpg
Bypass-Tools/Bonus/PaintedCars (40).jpg
.jpg
Bypass-Tools/Bonus/PaintedCars (5).jpg
.jpg
Bypass-Tools/Bonus/PaintedCars.jpg
.jpg
Bypass-Tools/Bonus/__Dota_Allstars___by_kunkka.jpg
.jpg
Bypass-Tools/Bonus/animator_vs_animation.jpg
.jpg
Bypass-Tools/Bonus/aston_martin_amv10_concept_____by_sabaman.jpg
.jpg
Bypass-Tools/Bonus/bbjdjeeaefdjd-Magic-Man-David-Blane.jpg
.jpg
Bypass-Tools/Bonus/moon_car_by_kazimdoku.jpg
.jpg
Bypass-Tools/CGWebInstall2.exe
.exe windows:4 windows x86 arch:x86

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetComputerNameA
GetVolumeInformationA
GetDriveTypeA
LoadResource
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
LockResource
SizeofResource
FreeResource
GetModuleFileNameA
FreeLibrary
GetShortPathNameA

user32

FindWindowA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA

msvcrt

_XcptFilter
strcat
strcpy
strlen
fclose
fread
malloc
ftell
fseek
fopen
strncpy
sprintf
exit
fwrite
memcpy
free
sscanf
strncat
realloc
_exit
memcmp
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

wininet

FindNextUrlCacheEntryA
InternetOpenUrlA
InternetOpenA
FindCloseUrlCache
InternetCloseHandle
FindFirstUrlCacheEntryA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 710KB - Virtual size: 710KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Bypass-Tools/GPass-4.1.02.exe
.exe windows:4 windows x86 arch:x86

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetComputerNameA
GetVolumeInformationA
GetDriveTypeA
LoadResource
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
LockResource
SizeofResource
FreeResource
GetModuleFileNameA
FreeLibrary
GetShortPathNameA

user32

FindWindowA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA

msvcrt

_XcptFilter
strcat
strcpy
strlen
fclose
fread
malloc
ftell
fseek
fopen
strncpy
sprintf
exit
fwrite
memcpy
free
sscanf
strncat
realloc
_exit
memcmp
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

wininet

FindNextUrlCacheEntryA
InternetOpenUrlA
InternetOpenA
FindCloseUrlCache
InternetCloseHandle
FindFirstUrlCacheEntryA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Bypass-Tools/U952.exe
.exe windows:4 windows x86 arch:x86

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetComputerNameA
GetVolumeInformationA
GetDriveTypeA
LoadResource
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
LockResource
SizeofResource
FreeResource
GetModuleFileNameA
FreeLibrary
GetShortPathNameA

user32

FindWindowA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA

msvcrt

_XcptFilter
strcat
strcpy
strlen
fclose
fread
malloc
ftell
fseek
fopen
strncpy
sprintf
exit
fwrite
memcpy
free
sscanf
strncat
realloc
_exit
memcmp
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

wininet

FindNextUrlCacheEntryA
InternetOpenUrlA
InternetOpenA
FindCloseUrlCache
InternetCloseHandle
FindFirstUrlCacheEntryA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Bypass-Tools/fg679p2.exe
.exe windows:4 windows x86 arch:x86

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetComputerNameA
GetVolumeInformationA
GetDriveTypeA
LoadResource
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
LockResource
SizeofResource
FreeResource
GetModuleFileNameA
FreeLibrary
GetShortPathNameA

user32

FindWindowA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA

msvcrt

_XcptFilter
strcat
strcpy
strlen
fclose
fread
malloc
ftell
fseek
fopen
strncpy
sprintf
exit
fwrite
memcpy
free
sscanf
strncat
realloc
_exit
memcmp
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

wininet

FindNextUrlCacheEntryA
InternetOpenUrlA
InternetOpenA
FindCloseUrlCache
InternetCloseHandle
FindFirstUrlCacheEntryA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

wininet

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 710KB - Virtual size: 710KB

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

wininet

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

wininet

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 461KB - Virtual size: 460KB

95e5bfd2ae036fbb9a0537ff4b3f4aea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

wininet

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 478KB - Virtual size: 477KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 710KB - Virtual size: 710KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 461KB - Virtual size: 460KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 478KB - Virtual size: 477KB