742df93493bbb152c1629a132ec32599_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

742df93493bbb152c1629a132ec32599_JaffaCakes118
Size

25KB
MD5

742df93493bbb152c1629a132ec32599
SHA1

a2e437295ec7e2630b866f6a5e9733242359415c
SHA256

d0778f62cce817808e75daf496ccd0fdcc604c7c139aa190379d0cbe60294c30
SHA512

14b07c4884b3156ca546c8b03daf28044acd3e8601e29fb0c17b01145293b18c59102b02add2880ce496be178fbeaab3fd3d5ce389b541b2bf1819cda0233f79
SSDEEP

768:RwntN6Cavulff71jDSiu6GUVNOIy6UtrwlUXaKMTg:A6z471qt6GU3hPUylUag

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/crack/mech.patch.of.wildfire.3.0.exe
unpack001/crack/ptc.distributed.services.generic-patch.exe
unpack001/crack/ptc.pro engineer.wildfire.3.0.generic-patch.exe

Files

742df93493bbb152c1629a132ec32599_JaffaCakes118
.rar
crack/mech.patch.of.wildfire.3.0.exe
.exe windows:4 windows x86 arch:x86

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowRgn
SetWindowLongA
SetFocus
SetWindowTextA
ShowWindow
SetDlgItemTextA
SetClassLongA
SetCapture
SendMessageA
ReleaseCapture
RedrawWindow
PtInRect
OffsetRect
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked
InvalidateRect
GetWindowRect
GetWindowLongA
GetParent
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetCursorPos
GetCapture
GetActiveWindow
EndDialog
DrawTextA
DialogBoxParamA
CheckDlgButton
CallWindowProcA

kernel32

RtlZeroMemory
CompareStringA
GetModuleFileNameA
SetCurrentDirectoryA
CreateDirectoryA
FlushFileBuffers
WriteFile
lstrlenA
lstrcpyA
lstrcmpiA
lstrcatA
WinExec
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FreeLibrary
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
LoadResource
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SizeofResource
UnmapViewOfFile

shell32

ShellExecuteA

gdi32

GetStockObject
RoundRect
SelectObject
CreateFontIndirectA
CreateSolidBrush
ExtCreateRegion
GetObjectA
SetTextColor
SetBkMode
SetBkColor

comctl32

InitCommonControls

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

comdlg32

GetOpenFileNameA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
crack/ptc.distributed.services.generic-patch.exe
.exe windows:4 windows x86 arch:x86

e11ed5ded2ab8052c2ef1e9dd7545734

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowRgn
SetWindowLongA
SetDlgItemTextA
SetClassLongA
SetWindowTextA
ShowWindow
SetCapture
SendMessageA
ReleaseCapture
RedrawWindow
PtInRect
OffsetRect
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked
InvalidateRect
GetWindowRect
GetWindowLongA
CharUpperA
GetParent
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetCursorPos
GetCapture
GetActiveWindow
EndDialog
DrawTextA
DialogBoxParamA
CheckDlgButton
CallWindowProcA

kernel32

GetModuleFileNameA
FlushFileBuffers
WriteFile
RtlZeroMemory
SetCurrentDirectoryA
lstrlenA
lstrcpyA
lstrcmpiA
lstrcatA
WinExec
UnmapViewOfFile
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FreeLibrary
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
LoadResource
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SizeofResource

shell32

ShellExecuteA

gdi32

SetBkColor
CreateSolidBrush
ExtCreateRegion
GetObjectA
GetStockObject
SetTextColor
SetBkMode
CreateFontIndirectA
SelectObject
RoundRect

comctl32

InitCommonControls

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

comdlg32

GetOpenFileNameA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
crack/ptc.pro engineer.wildfire.3.0.generic-patch.exe
.exe windows:4 windows x86 arch:x86

e11ed5ded2ab8052c2ef1e9dd7545734

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowRgn
SetWindowLongA
SetDlgItemTextA
SetClassLongA
SetWindowTextA
ShowWindow
SetCapture
SendMessageA
ReleaseCapture
RedrawWindow
PtInRect
OffsetRect
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked
InvalidateRect
GetWindowRect
GetWindowLongA
CharUpperA
GetParent
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetCursorPos
GetCapture
GetActiveWindow
EndDialog
DrawTextA
DialogBoxParamA
CheckDlgButton
CallWindowProcA

kernel32

GetModuleFileNameA
FlushFileBuffers
WriteFile
RtlZeroMemory
SetCurrentDirectoryA
lstrlenA
lstrcpyA
lstrcmpiA
lstrcatA
WinExec
UnmapViewOfFile
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FreeLibrary
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
LoadResource
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SizeofResource

shell32

ShellExecuteA

gdi32

SetBkColor
CreateSolidBrush
ExtCreateRegion
GetObjectA
GetStockObject
SetTextColor
SetBkMode
CreateFontIndirectA
SelectObject
RoundRect

comctl32

InitCommonControls

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

comdlg32

GetOpenFileNameA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
crack/ptc_licfile.dat
crack/readme.txt

Sharing

General

Malware Config

Signatures

Files

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

comctl32

advapi32

comdlg32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

e11ed5ded2ab8052c2ef1e9dd7545734

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

comctl32

advapi32

comdlg32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 4KB

e11ed5ded2ab8052c2ef1e9dd7545734

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

comctl32

advapi32

comdlg32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 5KB