941669e5a125b8a6df4ecce4d7198625_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

941669e5a125b8a6df4ecce4d7198625_JaffaCakes118
Size

1.2MB
MD5

941669e5a125b8a6df4ecce4d7198625
SHA1

285e10e77e6207f637f043954b8b32aa0df8d958
SHA256

004b94b5337400ee1b0f8ba8c29f68f7760b0e8954055a9359ae0096749b15f3
SHA512

357ed5b84677c2917e8171eb60999adb175af6e545541bd4a27eb6024fc9e3f8a3e25cab8a821070f98b41922118f29b08a7f389622e3bdb70bc6e3b42521085
SSDEEP

24576:CyVrRwnDPdouoCtLPxxVvn9qFeoGsfgP9PbgU0bJQQXEErG62cT1Rieb:CCmZbrl+eoGNPZUhlnG6D1Meb

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/phoneAlarm 2.10Build315skins/phoneAlarm.Keygen.exe
unpack001/phoneAlarm 2.10Build315skins/phonealarm209.exe

Files

941669e5a125b8a6df4ecce4d7198625_JaffaCakes118
.zip
phoneAlarm 2.10Build315skins.txt
phoneAlarm 2.10Build315skins/phoneAlarm.Keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
phoneAlarm 2.10Build315skins/phonealarm209.exe
.exe windows:4 windows x86 arch:x86

70b3800082f9a077e556146680a8da82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LoadResource
SizeofResource
FindResourceA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
GetTempPathA
DeleteFileA
Sleep
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
LockResource
lstrcpyA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA

lz32

LZCopy
LZOpenFileA
LZClose

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 746KB - Virtual size: 746KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
phoneAlarm 2.10Build315skins/skins/Manilla.ARM.CAB
.cab
00000000.015
00000001.018
00000002.021
00000003.024
00000004.027
00000005.030
00000006.033
00000007.036
00000008.039
00000009.042
0000000m.016
0000001m.019
0000002m.022
0000003m.025
0000004m.028
0000005m.031
0000006m.034
0000007m.037
0000008m.040
0000009m.043
000000ws.017
000001ws.020
000002ws.023
000003ws.026
000004ws.029
000005ws.032
000006ws.035
000007ws.038
000008ws.041
000009ws.044
00000SMS.083
0000SMS2.084
000Meter.064
000SMS2b.085
000alarm.045
000email.058
000voice.088
00alarm2.046
00email2.059
00missed.066
00voice2.089
0DialFav.055
0blue_on.052
0email2b.060
0missed2.067
0rotator.080
0voice2b.090
0wifi_on.093
AL0237~1.001
AL0B21~1.003
AL0B25~1.009
AL0B2D~1.002
AL403C~1.011
AL407C~1.005
AL5482~1.010
AL5484~1.004
AL7427~1.006
AL74AE~1.012
AL7A7B~1.008
AL7AFA~1.014
ALAB87~1.013
ALABC7~1.007
APPOIN~1.047
APPOIN~2.048
APP_LA~1.049
BLUE_C~1.050
CUSTOM~1.053
CUSTOM~2.054
DISCON~1.056
DISCON~2.057
MANILL~1.000
MENUCU~1.061
MENUEN~1.062
MENUMU~1.063
METERB~1.065
MUTECA~1.070
MuteCall.069
PR23CD~1.076
PR36AC~1.077
PRFF3D~1.075
PROFIL~1.071
PROFIL~2.072
PROFIL~3.073
PROFIL~4.074
Pro_Lock.078
Pro_Mute.079
SETTIN~1.082
TASKSW~1.086
TEXTWI~1.087
WIFI_C~1.091
_setup.xml
blue_off.051
missed2b.068
settings.081
wifi_off.092
phoneAlarm 2.10Build315skins/skins/doodle.arm.CAB
.cab
00000car.007
00000sms.023
0000home.012
0000loud.013
0000mute.017
0000sms1.024
0000work.028
000email.010
000night.021
000plane.022
000zPIX1.029
00alarm1.002
00alarm2.003
00dateBg.009
00email1.011
0bgSmall.004
0clockBg.008
0meeting.014
0muteOff.018
0mutePro.019
BTOFFS~1.005
BTONSM~1.006
DOODLE~1.000
DOODLE~1.001
MISSED~3.015
MISSED~4.016
TOOLSS~1.025
VOICES~1.026
VOICES~2.027
ZSKETC~1.030
_setup.xml
muteTime.020
phoneAlarm 2.10Build315skins/skins/favour8.ARM.CAB
.cab
0000Date.068
.gif
0002-App.028
000Clock.067
.gif
000Prof3.082
000Prof4.083
000Prof5.084
000Prof6.085
000Prof7.086
000VJSMS.095
001-Date.009
.gif
00ReadMe.087
00SMS-ON.092
01-Clock.008
.gif
01-Prof1.018
01-Prof2.019
01-Prof3.020
01-Prof4.021
01-Prof5.022
01-Prof6.023
01-Prof7.024
02-App01.029
02-App02.030
02-App03.031
02-App04.032
02-App05.033
02-App06.034
02-App07.035
02-App08.036
02-App09.037
02-App10.038
02-App11.039
02-App12.040
02-App13.041
02-App14.042
0Blue-ON.066
0Favour8.001
0Rotator.089
.gif
0WLAN-ON.098
1-ALAR~1.004
1-ALAR~1.005
1-APPO~1.006
1-BACK~1.007
1-EMAI~1.010
1-MISS~1.011
1-MISS~2.012
1-NOTI~1.013
1-PROF~1.014
1-PROF~2.015
1-PROF~3.016
1-PROF~4.017
1-SMS-ON.025
1-VOIC~1.026
1-VOIC~2.027
2-Appbis.043
.gif
2-BACK~1.044
2-DIAL~1.045
3-BACK~1.046
3-BLUE~1.047
3-Button.048
3-CONN~1.049
.gif
3-PHOT~1.050
3-VOLU~1.051
3-VOLU~2.052
3-WLAN~1.053
Alarm-ON.054
BA7145~1.063
BA7535~1.060
BA7935~1.061
BA7D35~1.062
BACKGR~1.055
BACKPR~1.056
BACKPR~2.057
BACKPR~3.058
BACKPR~4.059
BATTER~1.064
BATTER~1.065
Email-ON.069
FAVOUR~1.000
FAVOUR~1.002
FAVOUR~2.003
RIGHT-~1.088
SIGNAL~1.090
SIGNAL~1.091
TOP-BU~1.093
VJDialer.094
VOICE-~1.096
Voice-ON.097
_setup.xml

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: - Virtual size: 348KB

Size: 139KB - Virtual size: 140KB

70b3800082f9a077e556146680a8da82

Headers

File Characteristics

Imports

kernel32

lz32

user32

Sections

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 746KB - Virtual size: 746KB

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 746KB - Virtual size: 746KB