4983a2b9bd5bf2796b16e2c07808caca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4983a2b9bd5bf2796b16e2c07808caca_JaffaCakes118
Size

882KB
MD5

4983a2b9bd5bf2796b16e2c07808caca
SHA1

717b29c82753dabba1917196c42ddee996dbbe1d
SHA256

22990d6e05c0d726bed1bf48ae59d0912789d1994249f973dcd4b33b02377d70
SHA512

aaf5edb28ede4545a3e8357825cbd4effe479bd58709e6460a97902730e395966744177c2e1b7780fb0119f02ad44afcb0dde112f05646dcd47de745698c1104
SSDEEP

24576:mnHSoEz1mOEUTOUtdXJoSWECkQOIG5EbVZ:mnHSoEzwOzTjJoSWEGxG5EZZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2Two Bar 1024x768/Bar/OpenStartMenu.exe
unpack001/2Two Bar2 1366x768/Bar/OpenStartMenu.exe
unpack001/Full Install.exe

Files

4983a2b9bd5bf2796b16e2c07808caca_JaffaCakes118
.zip
2Two Bar 1024x768/Bar 2/1.ini
2Two Bar 1024x768/Bar 2/Disable.png
.png
2Two Bar 1024x768/Bar 2/Enable.png
.png
2Two Bar 1024x768/Bar 2/Icons/Thumbs.db
2Two Bar 1024x768/Bar 2/Icons/monitor.png
.png
2Two Bar 1024x768/Bar 2/Icons/recycleempty.png
.png
2Two Bar 1024x768/Bar 2/Icons/recyclefull.png
.png
2Two Bar 1024x768/Bar 2/Next.png
.png
2Two Bar 1024x768/Bar 2/Pause.png
.png
2Two Bar 1024x768/Bar 2/Play.png
.png
2Two Bar 1024x768/Bar 2/Prev.png
.png
2Two Bar 1024x768/Bar 2/Thumbs.db
2Two Bar 1024x768/Bar 2/background.png
.png
2Two Bar 1024x768/Bar 2/case.png
.png
2Two Bar 1024x768/Bar 2/feel/0.PNG
.png
2Two Bar 1024x768/Bar 2/feel/1.PNG
.png
2Two Bar 1024x768/Bar 2/feel/2.PNG
.png
2Two Bar 1024x768/Bar 2/feel/3.PNG
.png
2Two Bar 1024x768/Bar 2/feel/4.PNG
.png
2Two Bar 1024x768/Bar 2/feel/5.PNG
.png
2Two Bar 1024x768/Bar 2/feel/6.PNG
.png
2Two Bar 1024x768/Bar 2/feel/7.PNG
.png
2Two Bar 1024x768/Bar 2/feel/8.png
.png
2Two Bar 1024x768/Bar 2/feel/9.png
.png
2Two Bar 1024x768/Bar 2/feel/Thumbs.db
2Two Bar 1024x768/Bar 2/itunesb.png
.png
2Two Bar 1024x768/Bar/2.ini
2Two Bar 1024x768/Bar/OpenStartMenu.exe
.exe windows:4 windows x86 arch:x86

806a4fdca562a271a0c66da90b859fba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\csalmon\Mes documents\Visual Studio Projects\OpenStartMenu\release\OpenStartMenu.pdb

Imports

kernel32

Sleep
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

user32

SetWindowPos
GetSystemMetrics
GetWindowRect
GetCursorPos
IsWindowVisible
IsWindow
SendMessageW
MessageBoxW
ShowWindow
FindWindowW

msvcr80

_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
_wtoi
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
wcstok
__p__commode

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
2Two Bar 1024x768/Bar/background.png
.png
2Two Bar 1024x768/Bar/color.png
.png
2Two Bar 1024x768/Bar/colorH.png
.png
2Two Bar 1024x768/Bar/ok.png
.png
2Two Bar2 1366x768/Bar 2/1.ini
2Two Bar2 1366x768/Bar 2/Disable.png
.png
2Two Bar2 1366x768/Bar 2/Enable.png
.png
2Two Bar2 1366x768/Bar 2/Icons/monitor.png
.png
2Two Bar2 1366x768/Bar 2/Icons/recycleempty.png
.png
2Two Bar2 1366x768/Bar 2/Icons/recyclefull.png
.png
2Two Bar2 1366x768/Bar 2/Next.png
.png
2Two Bar2 1366x768/Bar 2/Pause.png
.png
2Two Bar2 1366x768/Bar 2/Play.png
.png
2Two Bar2 1366x768/Bar 2/Prev.png
.png
2Two Bar2 1366x768/Bar 2/background.png
.png
2Two Bar2 1366x768/Bar 2/case.png
.png
2Two Bar2 1366x768/Bar 2/feel/0.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/1.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/2.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/3.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/4.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/5.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/6.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/7.PNG
.png
2Two Bar2 1366x768/Bar 2/feel/8.png
.png
2Two Bar2 1366x768/Bar 2/feel/9.png
.png
2Two Bar2 1366x768/Bar 2/itunesb.png
.png
2Two Bar2 1366x768/Bar/2.ini
2Two Bar2 1366x768/Bar/OpenStartMenu.exe
.exe windows:4 windows x86 arch:x86

806a4fdca562a271a0c66da90b859fba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\csalmon\Mes documents\Visual Studio Projects\OpenStartMenu\release\OpenStartMenu.pdb

Imports

kernel32

Sleep
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

user32

SetWindowPos
GetSystemMetrics
GetWindowRect
GetCursorPos
IsWindowVisible
IsWindow
SendMessageW
MessageBoxW
ShowWindow
FindWindowW

msvcr80

_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
_wtoi
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
wcstok
__p__commode

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
2Two Bar2 1366x768/Bar/background.png
.png
2Two Bar2 1366x768/Bar/color.png
.png
2Two Bar2 1366x768/Bar/colorH.png
.png
2Two Bar2 1366x768/Bar/ok.png
.png
Full Install.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 728KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

806a4fdca562a271a0c66da90b859fba

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcr80

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 908B

.rsrc Size: 7KB - Virtual size: 7KB

806a4fdca562a271a0c66da90b859fba

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcr80

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 908B

.rsrc Size: 7KB - Virtual size: 7KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 728KB - Virtual size: 726KB

.rsrc Size: 80KB - Virtual size: 78KB

.reloc Size: 4KB - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 908B

.rsrc
Size: 7KB - Virtual size: 7KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 908B

.rsrc
Size: 7KB - Virtual size: 7KB

.text
Size: 728KB - Virtual size: 726KB

.rsrc
Size: 80KB - Virtual size: 78KB

.reloc
Size: 4KB - Virtual size: 12B