4af057724712bba9fc6f4bd0d5cf6732_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4af057724712bba9fc6f4bd0d5cf6732_JaffaCakes118
Size

162KB
MD5

4af057724712bba9fc6f4bd0d5cf6732
SHA1

caa4d7c632aa6fe40fb736dba41a4b7e27cbc544
SHA256

589fe10ac963e91e4f388997709bae16e52a0805f052b725327c0ada95bffd67
SHA512

56b900bb52a924fad2002fbc2ce776f8e179244a536eed52fcb3f0d8f2273a16eb405d0162bb1635ac4e1aded127a0e8aa35812f95491174c853521bb8b0ff8d
SSDEEP

3072:KMthSMNj1SRWZqQtl1XIKO8Td+RvCG9mGac9m6PmygJgx4RI:KMthSWZqQpXlT7Ezag/mxal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/rpc.exe

Files

4af057724712bba9fc6f4bd0d5cf6732_JaffaCakes118
.zip
FFF.NFO
FILE_ID.DIZ
rpc.exe
.exe windows:4 windows x86 arch:x86

1288d1bea9c5ac1e2ced4151b4a53786

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

atl

AtlAxDialogBoxA
AtlAxGetControl

comctl32

InitCommonControlsEx
CreatePropertySheetPage
PropertySheet

gdi32

SetTextColor
DeleteObject
SetBkMode
GetObjectA
CreateFontIndirectA
SelectObject
GetStockObject

kernel32

IsDBCSLeadByte
GetCPInfo
GetTickCount
SetThreadPriority
GetCurrentThread
Sleep
GetFileSize
GlobalFree
GlobalAlloc
GetLocalTime
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
HeapDestroy
WriteFile
HeapCreate
GetFullPathNameA
GetStartupInfoA
CreateProcessA
GetModuleFileNameA
RaiseException
SystemTimeToFileTime
GetSystemInfo
FileTimeToSystemTime
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
CompareStringA
GetVersionExA
GetFileType
SetFilePointer
GetStdHandle
ReadFile
CreateFileA
CreateFileW
CloseHandle
FormatMessageA
LocalFree
GetLastError
HeapAlloc

msvcrt

__dllonexit
__p___argc
__p___argv
atoi
?_set_new_mode@@YAHH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fclose
fopen
fread
sprintf
sscanf
_isctype
_pctype
__mb_cur_max
_itoa
strncat
_i64toa
pow
div
_beginthread
_except_handler3
memmove
strpbrk
strrchr
isdigit
??2@YAPAXI@Z
vsprintf
exit
strchr
_strnicmp
strncpy
_onexit
_exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
realloc
malloc
free
__CxxFrameHandler
_mbsdup
_strcmpi
_acmdln

oleaut32

SysAllocString
SysFreeString

shell32

SHGetSpecialFolderLocation
ShellExecuteA
Shell_NotifyIcon
SHGetMalloc
SHGetPathFromIDList

shlwapi

SHGetValueA
SHSetValueA

user32

CharLowerA
OemToCharA
CharUpperA
KillTimer
LoadCursorA
LoadImageA
MessageBoxA
DestroyWindow
CreateDialogParamA
UpdateWindow
EnableWindow
SetMenuDefaultItem
CreatePopupMenu
InsertMenuA
InsertMenuItemA
CallWindowProcA
CheckDlgButton
SetForegroundWindow
GetDoubleClickTime
ShowWindow
SendMessageA
CheckRadioButton
IsDlgButtonChecked
GetDlgItem
GetWindowTextLengthA
LoadMenuA
DestroyMenu
GetSubMenu
TrackPopupMenuEx
GetWindowRect
PostMessageA
GetDlgItemInt
GetDlgItemTextA
GetDlgCtrlID
SetWindowLongA
GetParent
SetDlgItemInt
SetDlgItemTextA
wsprintfA
DialogBoxParamA
EndDialog
SendDlgItemMessageA
SetTimer
SetClassLongA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

Sections

.text
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.patin
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.couffin
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1288d1bea9c5ac1e2ced4151b4a53786

Headers

File Characteristics

Imports

atl

comctl32

gdi32

kernel32

msvcrt

oleaut32

shell32

shlwapi

user32

comdlg32

ole32

Sections

.text Size: 110KB - Virtual size: 112KB

.data Size: 1KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 8KB

.data Size: 55KB - Virtual size: 56KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 17KB - Virtual size: 20KB

.patin Size: 72KB - Virtual size: 76KB

.couffin Size: 4KB - Virtual size: 4KB

.mackt Size: 4KB - Virtual size: 8KB

.text
Size: 110KB - Virtual size: 112KB

.data
Size: 1KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 8KB

.data
Size: 55KB - Virtual size: 56KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 17KB - Virtual size: 20KB

.patin
Size: 72KB - Virtual size: 76KB

.couffin
Size: 4KB - Virtual size: 4KB

.mackt
Size: 4KB - Virtual size: 8KB