3041ad49bbde1e77cd0e4e711f3cddda_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3041ad49bbde1e77cd0e4e711f3cddda_JaffaCakes118
Size

4.2MB
MD5

3041ad49bbde1e77cd0e4e711f3cddda
SHA1

97ee09ad37c55e831a031efbe19b2c4ef6637b07
SHA256

bbf3433bfebada86da79c05681c4d8e3d28ead262d64a44eb51c12818982627d
SHA512

a59ab2382be8ad8c75956372ea760c899f932a4071b706458a77ef68b00ff35fd9226994ca18d40fcd7fbe234b22c424cfbec6bb2d5dff696db345c8661d3435
SSDEEP

98304:Wzf/kccKOh3zxVLsb3u5LGppsQ/jlFbw9Ilr+Ir:W7HcKOhgb3u5qMypwJ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Keygen/keygen.exe
unpack001/SyserSetupRelease.exe

Files

3041ad49bbde1e77cd0e4e711f3cddda_JaffaCakes118
.rar
155绿色软件站.url
.url
Keygen/keygen.exe
.exe windows:4 windows x86 arch:x86

577e94d154d4792df2c708e9a1f6f369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memmove
strlen
sprintf
strcmp
strncmp

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
GetCurrentThreadId
GetCurrentProcessId
HeapAlloc
HeapFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetLastError
HeapReAlloc

comctl32

InitCommonControls
InitCommonControlsEx

user32

MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
DestroyWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SendMessageA
GetWindowLongA
CreateWindowExA
GetWindow
SetWindowLongA
GetWindowRect
GetSysColor
GetSysColorBrush
PostMessageA
CallWindowProcA
GetParent
MapWindowPoints
MoveWindow
RedrawWindow
InvalidateRect
RemovePropA
DefWindowProcA
SetPropA
GetPropA
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
GetActiveWindow
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
RegisterClassA
AdjustWindowRect
GetSystemMetrics
ShowWindow
CreateAcceleratorTableA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetKeyState
SetCapture
GetCursorPos
ReleaseCapture
SetFocus
GetFocus
IsChild
GetClassNameA
EnumChildWindows
GetClientRect
FillRect
DefFrameProcA

gdi32

GetStockObject
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject

ole32

CoInitialize
RevokeDragDrop

Sections

.code
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SyserSetupRelease.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

577e94d154d4792df2c708e9a1f6f369

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

ole32

Sections

.code Size: 1KB - Virtual size: 1KB

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 142B

.data Size: 3KB - Virtual size: 3KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 588B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.code
Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 142B

.data
Size: 3KB - Virtual size: 3KB

CODE
Size: 36KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 588B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB