5d73c2434fa58b82a9d3c38ede046865_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d73c2434fa58b82a9d3c38ede046865_JaffaCakes118
Size

156KB
MD5

5d73c2434fa58b82a9d3c38ede046865
SHA1

29bd0a834dbcc4fe289682f314c77ef5495bfc0f
SHA256

49a4229b1028dc6fae5883c4c037db5c3595021ce017a6341aa8cec59f132539
SHA512

2a5ff5c4ce278af4f9fbb2c284e3353c944bf301b37298ee14807c2e3e1eae24408daff566c434d5bc0837e9f63207115b35b3be92693caa3e8109e843b2a0cf
SSDEEP

3072:+WbTRa51b4m6+fAMzXJWiwbjANEJbmhWfEZdSr5xnzSF6XouCmsa:1y6m3AsEAET4dSFxnzn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SETUP.EXE

Files

5d73c2434fa58b82a9d3c38ede046865_JaffaCakes118
.zip
FILE_ID.DIZ
SETUP.EXE
.exe windows:4 windows x86 arch:x86

0e5c530fb8dbe0cc3221c1f4d7247101

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
GetTimeZoneInformation
ResumeThread
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
WriteFile
GetExitCodeProcess
lstrcpyA
ExitProcess
Sleep
GetTickCount
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA
CreateProcessA
WaitForSingleObject
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
GetTempPathA
GetModuleFileNameA
FindClose
MoveFileExA
GetWindowsDirectoryA
lstrcatA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
SetFilePointer
SetEndOfFile
MultiByteToWideChar
FindFirstFileA
FindNextFileA
lstrlenA

user32

ReleaseDC
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
InvalidateRect
LoadIconA
IsDlgButtonChecked
GetClientRect
MessageBoxA
SetWindowPos
GetDesktopWindow
GetWindowRect
EndDialog
GetDlgItemTextA
SetDlgItemTextA
LoadImageA
SetWindowTextA
DialogBoxParamA
UpdateWindow
SetForegroundWindow
GetDlgItem
SetClassLongA
GetKeyboardLayoutList
RedrawWindow
ExitWindowsEx
PostQuitMessage
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
DefWindowProcA
DestroyWindow
BeginPaint
InflateRect
DrawTextA
EndPaint
CreateWindowExA
SendMessageA
GetDC
wsprintfA
ShowWindow

gdi32

SetBkMode
SetTextColor
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
BitBlt
StretchBlt
DeleteDC
GetDeviceCaps
CreateFontA
DeleteObject
SelectObject
CreateSolidBrush

advapi32

RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueA
RegCreateKeyA
RegSetValueExA
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

OleUninitialize
OleInitialize
CoCreateInstance
StgOpenStorage

winmm

PlaySoundA
mciSendStringA

msvcrt

strrchr
_filelength
_strlwr
_chmod
_stricmp
_memicmp
_unlink
_rmdir
_strdup
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
setlocale
__p___argc
__p___argv
ftell
calloc
isalnum
_mbsrchr
strtok
_splitpath
rename
_access
__CxxFrameHandler
_fsopen
fseek
fread
memcmp
??2@YAPAXI@Z
fwrite
_tempnam
fopen
fclose
malloc
mbstowcs
wcstombs
sprintf
_mkdir
_CxxThrowException
memcpy
memset
??3@YAXPAX@Z
free
atoi
strcmp
strcat
strcpy
strlen
memmove
strchr
strstr
_fileno

comctl32

ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetGetConnectedState
InternetGetCookieA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e5c530fb8dbe0cc3221c1f4d7247101

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

winmm

msvcrt

comctl32

version

wininet

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 36KB - Virtual size: 33KB