24cdde0b6167c9a0a2d4087f25d8f6f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

24cdde0b6167c9a0a2d4087f25d8f6f2_JaffaCakes118
Size

18.7MB
MD5

24cdde0b6167c9a0a2d4087f25d8f6f2
SHA1

c5417621c42ad312de8ad5b5bee51b2a822a307e
SHA256

91db0298a7d0783472ca261e2903e23ebe72ca10a5713caa41ee45cf5d252496
SHA512

2e7b50782fcb867e4f840edf8c87578610f94239de8f7950284e8adb19a9c13aea2b4b024950cd3f8d4ba125dc07269a092464cc194d146aec36214e48bd580e
SSDEEP

393216:GcBWQsQ9YVKerO/AdOrRNqVBn4ijiew6lk+wwocOR:G5QDGDmry4aiR63doLR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe

Files

24cdde0b6167c9a0a2d4087f25d8f6f2_JaffaCakes118
.rar
Setup.exe
.exe windows:4 windows x86 arch:x86

8dcee093c360128f859c7cd3e13a1ac4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerInstallFileA

kernel32

AddAtomA
HeapDestroy
GetModuleHandleA
GetStartupInfoA
HeapCreate
ExitProcess
lstrcpyA
GetCommandLineA
HeapAlloc
HeapFree
LockResource
LoadResource
FindResourceA
FindResourceExA
RemoveDirectoryA
LocalFree
FormatMessageA
InterlockedDecrement
SetEvent
OpenEventA
CopyFileA
GetTempFileNameA
GetTempPathA
WaitForSingleObject
SetFileAttributesA
GetLastError
GetShortPathNameA
GetWindowsDirectoryA
GetFileAttributesA
CreateDirectoryA
SetLastError
lstrlenA
CompareStringA
GetPrivateProfileStringA
GetVersionExA
GlobalLock
GlobalAlloc
GetUserDefaultLangID
GetModuleFileNameA
RtlUnwind
GetAtomNameA
DeleteFileA
Sleep
CloseHandle
lstrlenW
WideCharToMultiByte
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetPrivateProfileIntA
CreateProcessA
CreateFileA
SetErrorMode
CompareStringW

user32

TranslateMessage
PeekMessageA
GetWindowLongA
EndDialog
GetDlgItem
SendMessageA
SetWindowLongA
DispatchMessageA
IsDialogMessageA
CreateDialogIndirectParamA
SetDlgItemTextA
GetDesktopWindow
GetClientRect
GetWindowRect
MoveWindow
CharNextA
CharUpperA
wsprintfA
ReleaseDC
LoadImageA
GetDC
EndPaint
CreateDialogParamA
BeginPaint
DialogBoxIndirectParamA
MessageBoxA
DestroyWindow
CharLowerA

gdi32

DeleteDC
SelectObject
RealizePalette
SelectPalette
UnrealizeObject
CreateCompatibleDC
GetObjectA
GetDeviceCaps
CreateHalftonePalette
CreatePalette
GetSystemPaletteEntries
GetDIBColorTable
BitBlt

advapi32

RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA

ole32

CoCreateInstance
CoFreeAllLibraries
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
SafeArrayGetLBound
VariantClear
SafeArrayGetElement
SysAllocString
SafeArrayGetUBound

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gda
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Setup.ini
Setup.inx
data1.cab
data1.hdr
data2.cab
ikernel.ex_
layout.bin
setup.bmp
vssver.scc
下载说明.htm
.html .js polyglot
安装指南.doc
.doc windows office2003

Sharing

General

Malware Config

Signatures

Files

8dcee093c360128f859c7cd3e13a1ac4

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.gda Size: - Virtual size: 4KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB

.gda
Size: - Virtual size: 4KB