35cb2e11d2a1c6b85cc9fb118ad78cc6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35cb2e11d2a1c6b85cc9fb118ad78cc6_JaffaCakes118
Size

133KB
MD5

35cb2e11d2a1c6b85cc9fb118ad78cc6
SHA1

1733da88041f2e364f3c63257735045f7d92c32e
SHA256

033c335b71b133b757124e64f96ede1f5da7f6b620e1917cf1abe2c44b516b9d
SHA512

ffcf106ef491cba6aa35307b61bcebea7e523a6c39be5224c4616377c568bec0c7912d9be60c41b0f99648f5fd5afcc2e7287660c8451c2e4537aa94472c16d0
SSDEEP

3072:Ah1b81cAZzM86Qz/LfpcHcmkVHjGRzzTbwt+Hx3kk:dVZgqDfpKcmkVHGD0ts3kk

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Choose32.exe
unpack001/Choose64.exe
unpack001/EditV32.exe
unpack001/EditV64.exe

Files

35cb2e11d2a1c6b85cc9fb118ad78cc6_JaffaCakes118
.zip
CHOOSE.EXE
Choose.txt
Choose32.exe
.exe windows:4 windows x86 arch:x86

9d4ea2f3a17fa54d6f370821dd974b33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeLibrary
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadPriority
GetTickCount
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
ReadConsoleInputA
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerBuffW
CharUpperBuffW
MessageBoxA

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Choose64.exe
.exe windows:4 windows x64 arch:x64

9ef2dcb34417808363d8547e63594b3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeLibrary
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadPriority
GetTickCount
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
ReadConsoleInputA
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetThreadPriority
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerBuffW
CharUpperBuffW
MessageBoxA

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EDITVAR.EXE
EditV32.exe
.exe windows:4 windows x86 arch:x86

aa780eba26fe493c55cc75854de41f14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateRemoteThread
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FormatMessageA
FreeLibrary
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeThread
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadPriority
GetTickCount
GetVersionExA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
OpenProcess
ReadConsoleInputA
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
WriteProcessMemory

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerBuffW
CharUpperBuffW
MessageBoxA

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
EditV64.exe
.exe windows:4 windows x64 arch:x64

bddf7155c885705524b7a449fdfdab96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateRemoteThread
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FormatMessageA
FreeLibrary
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeThread
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadPriority
GetTickCount
GetVersionExA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
OpenProcess
ReadConsoleInputA
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetThreadPriority
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
WriteProcessMemory

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerBuffW
CharUpperBuffW
MessageBoxA

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EditVar.txt
FAQ.txt
History.txt
License.txt

Sharing

General

Malware Config

Signatures

Files

9d4ea2f3a17fa54d6f370821dd974b33

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 13KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

9ef2dcb34417808363d8547e63594b3e

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 54KB - Virtual size: 54KB

.data Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 14KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

aa780eba26fe493c55cc75854de41f14

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 18KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

bddf7155c885705524b7a449fdfdab96

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 20KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 13KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB

.text
Size: 54KB - Virtual size: 54KB

.data
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 14KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 18KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 20KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB