4c907975989a30f6d4f0fe30142d6de2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c907975989a30f6d4f0fe30142d6de2_JaffaCakes118
Size

744KB
MD5

4c907975989a30f6d4f0fe30142d6de2
SHA1

d55ab02ee78a672c561caa387037c59771391fd3
SHA256

8bd57ece51c2157dfe0733e9ef8653c4cf1e418e1ad9daa97306a059b57d0085
SHA512

c72e1cd10b3ef31408f62f458c54cc2d98a5a97ca29e57cdb90398383d017f07e33158cb6c96a24df9e82cb1005680ec9482327b193611d02e0685f5c0515bd9
SSDEEP

12288:0tzL5Zol3KyphdUPt33X4xXjaXcds6l2UNpa5sVUkTDjHHFA5Fm5lmxwPwo6mfmf:4LtMDutX4xXd1ltpaSlDDFMm5AY6TLFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/12timer.exe

Files

4c907975989a30f6d4f0fe30142d6de2_JaffaCakes118
.rar
12timer.exe
.exe windows:4 windows x86 arch:x86

b7c36ee29dad533b9e096f928c2537da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

ReadFile
CloseHandle
GetFileSize
CreateFileA
GetModuleFileNameA
CreateDirectoryA
GetFileAttributesA
Sleep
GetStringTypeW
GetStringTypeA
LCMapStringW
lstrcatA
GetTempPathA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
RtlUnwind
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
SetFileAttributesA
WriteFile
LocalFileTimeToFileTime
SetFileTime
GetCommandLineA
lstrlenA
lstrcpyA
MulDiv
LCMapStringA
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
HeapFree
HeapAlloc
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte

user32

GetClassLongA
DestroyWindow
CreateDialogParamA
ShowWindow
MessageBoxA
UpdateWindow
wsprintfA
GetAsyncKeyState
DialogBoxParamA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
GetClassNameA
GetDlgItemTextA
SetDlgItemTextA
IsDlgButtonChecked
LoadImageA
CheckDlgButton
SetFocus
GetDlgItem
GetSysColor
EndDialog
LoadIconA
SetClassLongA
SendDlgItemMessageA
DestroyIcon
GetSysColorBrush
GetDC
ReleaseDC
SendMessageA
LoadCursorA

gdi32

SetBkColor
GetDeviceCaps
CreateFontA
DeleteObject
SetTextColor

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHChangeNotify
SHGetMalloc
SHBrowseForFolderA
ShellExecuteA

ole32

OleUninitialize
OleInitialize

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

b7c36ee29dad533b9e096f928c2537da

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 12KB - Virtual size: 11KB