69de86c1f4063283b4c3453d4bb631c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69de86c1f4063283b4c3453d4bb631c3_JaffaCakes118
Size

8.4MB
MD5

69de86c1f4063283b4c3453d4bb631c3
SHA1

47218b97f3eeefc4cefed021f7bf4d654e5ef621
SHA256

02aa1fa164bad5e547237262dff6562d7d50f59dcbf85318bce7b25a5f9462d3
SHA512

db8c68379c7a122122134e72e140f00797936ac745b0ba131982da68208926b952512b1db5789abc7e3059a149c5c3667f99b536f673569f43b75c82c5782527
SSDEEP

196608:NWiNzatxg8kHu4ABY3zDRMLRXuukIOxZ6IFHg:0Mkq8KjkY3zDCLkuMJu

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BaseHead 2.5.075 Full Installer.exe
unpack001/crack/BaseHead 2.5.exe

Files

69de86c1f4063283b4c3453d4bb631c3_JaffaCakes118
.rar
155绿色软件站.url
.url
BaseHead 2.5.075 Full Installer.exe
.exe windows:4 windows x86 arch:x86

ccc0e829fe1206cd39d147ca374725d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemTime
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme-Install Notes.rtf
.rtf
crack/BaseHead 2.5.exe
.exe windows:4 windows x86 arch:x86

a2bdb73a58f7690709025e5bdd75aa04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaVarTstGt
ord690
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaAryMove
ord587
__vbaFreeVar
__vbaLineInputStr
__vbaLateIdCall
__vbaLenBstr
ord588
__vbaStrVarMove
__vbaVarIdiv
__vbaVargObjAddref
__vbaEnd
ord697
__vbaPut3
__vbaFreeVarList
_adj_fdiv_m64
__vbaFpCDblR8
__vbaPut4
__vbaVarIndexStore
__vbaLineInputVar
__vbaGetFxStr3
__vbaFreeObjList
__vbaGetFxStr4
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord519
__vbaResume
__vbaCopyBytes
__vbaVarCmpNe
__vbaStrCat
__vbaError
ord552
ord553
__vbaLsetFixstr
ord660
__vbaRecDestruct
__vbaSetSystemError
ord662
__vbaNameFile
__vbaHresultCheckObj
ord557
ord558
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
__vbaAryVar
__vbaAryDestruct
ord669
__vbaLateMemSt
__vbaStrBool
__vbaForEachCollObj
__vbaBoolStr
__vbaExitProc
__vbaVarForInit
ord593
ord300
ord301
__vbaStrLike
__vbaOnError
__vbaObjSet
ord595
ord302
ord596
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
__vbaVarIndexLoad
ord598
ord305
__vbaFpR4
ord306
__vbaBoolVar
__vbaForEachCollVar
__vbaStrFixstr
ord520
ord307
ord308
__vbaFPFix
ord309
__vbaRefVarAry
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord709
__vbaErase
ord631
__vbaVarCmpGt
__vbaNextEachCollObj
__vbaVargVarMove
ord632
ord525
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord527
ord528
__vbaGenerateBoundsError
__vbaGet3
__vbaStrCmp
ord529
__vbaGet4
__vbaPutOwner3
__vbaAryConstruct2
__vbaVarTstEq
ord560
__vbaPutOwner4
__vbaVarLikeVar
__vbaNextEachCollVar
ord561
__vbaPrintObj
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
__vbaCastObjVar
__vbaStrR4
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
ord569
__vbaLateIdCallLd
__vbaStrR8
__vbaRedim
__vbaRecUniToAnsi
__vbaDerefAry
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
ord310
__vbaLateIdCallSt
__vbaVarAnd
ord311
EVENT_SINK_QueryInterface
__vbaUI1I4
ord710
__vbaVarMul
__vbaExceptHandler
ord312
ord711
ord313
__vbaPrintFile
__vbaStrToUnicode
ord712
ord713
ord606
_adj_fprem
_adj_fdivr_m64
__vbaR8ErrVar
__vbaVarDiv
ord607
__vbaI2Str
ord714
ord608
ord531
__vbaFPException
__vbaInStrVar
ord717
__vbaGetOwner3
__vbaUbound
__vbaStrVarVal
__vbaGetOwner4
__vbaVarCat
__vbaDateVar
__vbaI2Var
ord537
ord644
ord645
_CIlog
__vbaErrorOverflow
ord647
__vbaFileOpen
ord570
ord648
__vbaInStr
__vbaR8Str
__vbaNew2
__vbaVarLateMemCallLdRf
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaVarSetObj
ord573
__vbaStrCopy
ord681
__vbaI4Str
__vbaVarCmpLt
__vbaFreeStrList
__vbaVarNot
ord576
__vbaDerefAry1
_adj_fdivr_m32
__vbaR8Var
__vbaPowerR8
ord577
_adj_fdiv_r
ord578
ord685
ord100
ord579
__vbaVarTstNe
__vbaI4Var
ord689
__vbaVarCmpEq
ord610
__vbaLateMemCall
__vbaAryLock
__vbaVarAdd
ord612
__vbaStrComp
__vbaStrToAnsi
__vbaVarDup
__vbaFpI2
__vbaVarMod
ord616
__vbaUnkVar
__vbaVarLateMemCallLd
__vbaVarTstGe
__vbaFpI4
__vbaVarCopy
__vbaRecDestructAnsi
ord617
_CIatan
__vbaI2ErrVar
__vbaAryCopy
__vbaStrMove
__vbaCastObj
ord618
__vbaPutFxStr3
ord619
__vbaStrVarCopy
ord542
ord650
ord543
_allmul
__vbaVarLateMemCallSt
ord544
__vbaLateIdSt
ord545
_CItan
ord546
ord547
__vbaFPInt
__vbaUI1Var
__vbaAryUnlock
__vbaFpCSngR8
__vbaVarForNext
_CIexp
__vbaMidStmtBstr
ord580
__vbaRecAssign
__vbaFreeObj
__vbaFreeStr
__vbaI4ErrVar
ord581

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccc0e829fe1206cd39d147ca374725d4

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

comdlg32

gdi32

shell32

user32

ole32

Sections

.text Size: 78KB - Virtual size: 80KB

.data Size: 2KB - Virtual size: 32KB

.idata Size: 4KB - Virtual size: 8KB

.rsrc Size: 15KB - Virtual size: 16KB

a2bdb73a58f7690709025e5bdd75aa04

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.data Size: 4KB - Virtual size: 39KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 78KB - Virtual size: 80KB

.data
Size: 2KB - Virtual size: 32KB

.idata
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 15KB - Virtual size: 16KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 4KB - Virtual size: 39KB

.rsrc
Size: 48KB - Virtual size: 45KB