2e68b3b59a4e83c2e9ec122f4e6960f1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2e68b3b59a4e83c2e9ec122f4e6960f1_JaffaCakes118
Size

655KB
MD5

2e68b3b59a4e83c2e9ec122f4e6960f1
SHA1

70c1c2b09e495fc5a27d9d36fef718878d869cf7
SHA256

c09bddfad1d24fe750af2c52dee8ef8d8a559b53e5d495373084da8267ab4de6
SHA512

abef14aa8b89286417447a8b2939891204c68fb4c75571497ff665560ad2d1be3b43a3972c30ba91dae09c42a63330f578deb95025cf6245e4e698eb2aa105de
SSDEEP

12288:lwvOrAG4CRvpXKkrUmuMkcL1HcR1yjf3TgEQmx+wWSwDNq/q:qQkCn75NGbyjfDgEQi+wWSaq/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MultiIE.v3.0.ARM.Cracked/MultiIE-v3.0-d50_DesktopInstall.exe

Files

2e68b3b59a4e83c2e9ec122f4e6960f1_JaffaCakes118
.zip
MultiIE.v3.0.ARM.Cracked/Crack.txt
MultiIE.v3.0.ARM.Cracked/Crack/MultiIE.exe
MultiIE.v3.0.ARM.Cracked/MultiIE-v3.0-d50.arm.CAB
.cab
00000new.003
000setup.008
000setup.999
00readme.005
0MultiIE.007
0license.006
0multiie.001
.html
0multiie.002
.gif
MU4858~1.000
MULTII~1.004
.gif
MultiIE.v3.0.ARM.Cracked/MultiIE-v3.0-d50_DesktopInstall.exe
.exe windows:4 windows x86 arch:x86

605e7cb5f104fc1295d31e7e13daf83c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

comctl32

ord17

kernel32

LocalFileTimeToFileTime
Sleep
CreateFileA
lstrcatA
CompareStringA
CompareStringW
GetVersionExA
ReadFile
SetFilePointer
SetFileAttributesA
QueryPerformanceFrequency
CreateEventA
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
GetFileSize
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
LockResource
LoadResource
SetFileTime
InterlockedIncrement
GetModuleFileNameA
GetTickCount
GetSystemDefaultLCID
GlobalFree
GlobalUnlock
GlobalHandle
WriteFile
InterlockedDecrement
GetPrivateProfileSectionA
SetCurrentDirectoryA
lstrcmpA
MoveFileA
GetSystemInfo
SetLastError
IsValidCodePage
LocalFree
FormatMessageA
GetDiskFreeSpaceA
_lclose
OpenFile
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
GetExitCodeProcess
CreateProcessA
GetCurrentProcess
GetCurrentThread
GetLocaleInfoA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
WritePrivateProfileStringA
lstrcpyA
GetPrivateProfileStringA
lstrlenA
DeleteFileA
CloseHandle
lstrlenW
CopyFileA
GetLastError
WideCharToMultiByte
ExpandEnvironmentStringsA
MultiByteToWideChar
lstrcmpiA
GlobalLock
GetPrivateProfileIntA
GlobalAlloc
SizeofResource
FindResourceA
SetStdHandle
LCMapStringW
IsBadReadPtr
GetStringTypeW
IsBadCodePtr
FlushFileBuffers
GetFileType
LCMapStringA
GetStringTypeA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
LeaveCriticalSection
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
HeapReAlloc
GetEnvironmentStrings
EnterCriticalSection
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TerminateProcess
ExitProcess
RaiseException
HeapFree
HeapAlloc
RtlUnwind
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
WaitForSingleObject
lstrcpynA
SearchPathA
FindFirstFileA
VirtualProtect
VirtualQuery
FindClose

user32

DrawIcon
DestroyIcon
ShowWindow
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
SetTimer
PostQuitMessage
KillTimer
PostMessageA
DefWindowProcA
wsprintfA
GetDesktopWindow
DialogBoxParamA
IsWindow
GetDlgItem
EndDialog
ReleaseDC
GetWindowDC
SetWindowPos
ClientToScreen
GetClientRect
SetWindowLongA
EndPaint
SendDlgItemMessageA
ExitWindowsEx
MsgWaitForMultipleObjects
CharPrevA
LoadStringA
SetCursor
GetDlgItemTextA
EnableWindow
MessageBoxA
GetParent
GetSystemMetrics
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
MoveWindow
GetWindowPlacement
SetWindowTextA
GetDC
FillRect
PeekMessageA
MessageBoxIndirectA
DestroyWindow
CreateDialogParamA
BeginPaint
CharNextA
GetWindowLongA
SendMessageA
IsDialogMessageA
GetDlgCtrlID
CharLowerBuffA

gdi32

DeleteObject
BitBlt
SelectObject
DeleteDC
CreateFontIndirectA
GetDeviceCaps
CreateCompatibleDC
SetTextColor
SetBkMode
GetObjectA
TranslateCharsetInfo
GetTextExtentPointA
GetStockObject
CreateDIBitmap

advapi32

AllocateAndInitializeSid
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegSetValueExA
OpenThreadToken
GetTokenInformation
FreeSid
EqualSid
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

ole32

StgOpenStorage
StgIsStorageFile

oleaut32

SysFreeString
SysStringLen
SysAllocString
SysAllocStringLen

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pdateam.nfo

Sharing

General

Malware Config

Signatures

Files

605e7cb5f104fc1295d31e7e13daf83c

Headers

File Characteristics

Imports

version

shell32

comctl32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 48KB - Virtual size: 48KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 48KB - Virtual size: 48KB