5c44bd541dd1abe916c0887456654455_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c44bd541dd1abe916c0887456654455_JaffaCakes118
Size

661KB
MD5

5c44bd541dd1abe916c0887456654455
SHA1

ecec717d3a0666e049b7c6c7da91275fc9352682
SHA256

758aa7cd3cefb62026e4b4f7de91621e4803cd8769ff09bf3533ce4f3807b714
SHA512

35c7a0f9ae6ecfb15027d07f4fb92e7c1025dffce7600a9a4e88d5fda0626144107e01cc05c2ef2e849f7cbf2688038f8aa0c1d814e65b4f1563247597f7eb18
SSDEEP

12288:7584I6tlmXclzvShTknoFr+WICK3b4hYjOWdWZjtNYxCiTgp:7bAsEhTk0r4ukhdSmxVc

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/gthing.exe
unpack001/libgthing.dll
unpack001/loader.exe

Files

5c44bd541dd1abe916c0887456654455_JaffaCakes118
.rar
Games/FurnitureFrenzy.jar
.jad
Tools/Device Version.lua
Tools/Device Version.txt
Tools/Email AutoRetrieve.lua
Tools/Email AutoRetrieve.txt
Tools/Java Profile Backup.lua
Tools/Java Profile Backup.txt
Tools/Java Profile Editor.lua
Tools/Java Profile Editor.txt
Tools/My Stuff Softkey Restore.lua
Tools/My Stuff Softkey Restore.txt
Tools/Phone Security Code.lua
Tools/Phone Security Code.txt
gthing.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

y..0
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

l3 1
Size: 310KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
key
libgthing.dll
.dll windows:4 windows x86 arch:x86

b5d3bc4525cf6d704b4eb34aeea32c75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommTimeouts
SetCommState
CloseHandle
GetCommState
PurgeComm
SetupComm
SetCommMask
CreateFileA
ReadFile
Sleep
WriteFile
CreateThread
CreateMutexA
WaitForSingleObject
ReleaseMutex
OpenMutexA
FlushFileBuffers
SetCommTimeouts
DisableThreadLibraryCalls

msvcrt

malloc
strstr
_pctype
__mb_cur_max
_isctype
free
strchr
sprintf
mbstowcs
realloc
_initterm
_adjust_fdiv
wcscmp
_strdup

Exports

Exports

lgAUDIOS
lgAUDIOS_U
lgBreakOperation
lgConnect
lgCreateDirectory
lgDeleteDirectory
lgDeleteFile
lgDirectories
lgDirectories_U
lgDisconnect
lgFileList
lgFileList_U
lgGetDeviceModel
lgGetEmailPreviews
lgGetFile
lgGetIMEI
lgGetMessageCenter
lgGetSMSPDU
lgGetSMSPreviews
lgIMAGES
lgIMAGES_U
lgIsConnected
lgIsGSM
lgKeepAlive
lgOpen
lgProgressCallback
lgPutFile
lgPutFile_U
lgRenameDirectory
lgRenameFile
lgVIDEOS
lgVIDEOS_U

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
loader.exe
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5.94d281
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

EvO
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fwgfu1ml
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4zngow4r
Size: - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xru.8fen
Size: 319KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

y..0 Size: - Virtual size: 312KB

l3 1 Size: 310KB - Virtual size: 312KB

.rsrc Size: 5KB - Virtual size: 8KB

b5d3bc4525cf6d704b4eb34aeea32c75

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: - Virtual size: 16KB

5.94d281 Size: - Virtual size: 4KB

.data Size: - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

EvO Size: - Virtual size: 4KB

fwgfu1ml Size: - Virtual size: 4KB

4zngow4r Size: - Virtual size: 344KB

xru.8fen Size: 319KB - Virtual size: 320KB

y..0
Size: - Virtual size: 312KB

l3 1
Size: 310KB - Virtual size: 312KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: - Virtual size: 16KB

5.94d281
Size: - Virtual size: 4KB

.data
Size: - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

EvO
Size: - Virtual size: 4KB

fwgfu1ml
Size: - Virtual size: 4KB

4zngow4r
Size: - Virtual size: 344KB

xru.8fen
Size: 319KB - Virtual size: 320KB