2a6a6a67255fa5f0f442e8f29048b00d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a6a6a67255fa5f0f442e8f29048b00d_JaffaCakes118
Size

2.6MB
MD5

2a6a6a67255fa5f0f442e8f29048b00d
SHA1

ffc37f503b183920a7c219d0fe8f9b3a9ac8fe95
SHA256

4cc902a6b226fabd331bf7be111cdf771b12f1f52aa674e8fd62d94beb0bf7ad
SHA512

598c4e3f932ed5ba249c08cff3d67504cb430da4a4166810681f98f5df76726497de2b9a02125f7cc42bf627446f81f1ca68c9a0c39cb3ae34cf38dc2e127356
SSDEEP

49152:j4PfqmbZBwkWgwdnHOWAu9rgNE6r8Is4M5h3Kmnzoio4TaGuW+Jjpz0fN0R6jS:8TN6kf5WjFgzr8Is71KOx9TFu54y5

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Patch.exe
unpack001/SmartyUninstaller2007Pro.exe

Files

2a6a6a67255fa5f0f442e8f29048b00d_JaffaCakes118
.rar
Patch.exe
.exe windows:4 windows x86 arch:x86

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowRgn
SetWindowLongA
SetFocus
SetWindowTextA
ShowWindow
SetDlgItemTextA
SetClassLongA
SetCapture
SendMessageA
ReleaseCapture
RedrawWindow
PtInRect
OffsetRect
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked
InvalidateRect
GetWindowRect
GetWindowLongA
GetParent
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetCursorPos
GetCapture
GetActiveWindow
EndDialog
DrawTextA
DialogBoxParamA
CheckDlgButton
CallWindowProcA

kernel32

RtlZeroMemory
CompareStringA
GetModuleFileNameA
SetCurrentDirectoryA
CreateDirectoryA
FlushFileBuffers
WriteFile
lstrlenA
lstrcpyA
lstrcmpiA
lstrcatA
WinExec
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FreeLibrary
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
LoadResource
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SizeofResource
UnmapViewOfFile

shell32

ShellExecuteA

gdi32

GetStockObject
RoundRect
SelectObject
CreateFontIndirectA
CreateSolidBrush
ExtCreateRegion
GetObjectA
SetTextColor
SetBkMode
SetBkColor

comctl32

InitCommonControls

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

comdlg32

GetOpenFileNameA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SmartyUninstaller2007Pro.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

comctl32

advapi32

comdlg32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 119KB - Virtual size: 118KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 584B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 119KB - Virtual size: 118KB

CODE
Size: 36KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 584B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 32KB - Virtual size: 31KB