b2c056e4785abaaafe97403373150c38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2c056e4785abaaafe97403373150c38_JaffaCakes118
Size

607KB
MD5

b2c056e4785abaaafe97403373150c38
SHA1

58379e521edaa564c76049971fc8683a97b639ff
SHA256

2cefb84570e960653514fd8f29c3af359ef26fc2cf6f9b0b38d8887798319ef4
SHA512

d77823ab9b109b6e18ce1bd19e4a7a482f0b97bc055d7739313db24d5d12e87697e7f1b93ad3fa927b89d4b55d93a2d0b4cc8298213f41aa7aa1418e57a9a3a2
SSDEEP

12288:GPlwy1/qpKRfN1mXEPsk4patu426nUKivcJwSJbre:ZpUagsjpaYP6nUKECe

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PhoneSetupCreator/PSC.exe
unpack001/PhoneSetupCreator/bin/Cabwiz.exe
unpack001/PhoneSetupCreator/bin/Makecab.exe

Files

b2c056e4785abaaafe97403373150c38_JaffaCakes118
.rar
PhoneSetupCreator/PSC.exe
.exe windows:4 windows x86 arch:x86

cf8356136d0fd06032b78d1062e3ef46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_EndDrag
ImageList_GetImageCount
ImageList_Remove
ImageList_Replace
ImageList_SetImageCount
InitCommonControls

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetOpenFileNameW

gdi32

Arc
BitBlt
Chord
CombineRgn
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectA
CreateFontIndirectW
CreatePatternBrush
CreatePenIndirect
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EnumFontFamiliesA
EnumFontFamiliesExA
EnumFontFamiliesExW
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutA
ExtTextOutW
GetBitmapBits
GetCharABCWidthsA
GetClipBox
GetClipRgn
GetCurrentObject
GetDCOrgEx
GetDIBits
GetDeviceCaps
GetMapMode
GetObjectA
GetObjectType
GetObjectW
GetPixel
GetROP2
GetRandomRgn
GetRgnBox
GetStockObject
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextMetricsA
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
MoveToEx
OffsetRgn
PatBlt
Pie
PolyBezier
Polygon
Polyline
PtInRegion
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
TextOutW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FindResourceExA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStringsA
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadLocale
GetThreadPriority
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
PeekNamedPipe
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile

mpr

WNetGetConnectionA

ole32

CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeTypeEx
VariantClear
VariantCopy

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryFileW
SHBrowseForFolder
SHBrowseForFolderW
SHGetPathFromIDList
SHGetPathFromIDListW
ShellExecuteA

user32

AdjustWindowRectEx
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharToOemA
CharUpperA
CharUpperBuffA
CharUpperBuffW
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyImage
CountClipboardFormats
CreateCaret
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DeleteMenu
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawMenuBar
DrawStateA
DrawStateW
DrawTextA
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumClipboardFormats
EnumPropsA
EnumThreadWindows
FillRect
FrameRect
GetActiveWindow
GetCapture
GetCaretPos
GetClassInfoA
GetClassInfoW
GetClassLongA
GetClassNameA
GetClientRect
GetClipboardData
GetClipboardFormatNameA
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetMenu
GetMenuItemCount
GetMenuItemInfoA
GetParent
GetPropA
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemA
IntersectRect
InvalidateRect
InvalidateRgn
IsClipboardFormatAvailable
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxA
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
RedrawWindow
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetSysColors
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
ShowCaret
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenuEx
TranslateAcceleratorA
TranslateMessage
UnregisterClassA
UnregisterClassW
UpdateWindow
WindowFromDC
WindowFromPoint

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PhoneSetupCreator/Readme.txt
PhoneSetupCreator/bin/Cabwiz.exe
.exe windows:4 windows x86 arch:x86

91310f95a1b02d9d523bc53547d1cfa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupGetLineCountA
SetupOpenInfFileA
SetupGetIntField
SetupGetStringFieldA
SetupFindNextMatchLineA
SetupFindNextLine
SetupGetFieldCount
SetupFindFirstLineA
SetupCloseInfFile

kernel32

ExitProcess
HeapFree
GetModuleHandleA
GetStartupInfoA
GetStringTypeW
GetStringTypeA
SetStdHandle
FlushFileBuffers
LoadLibraryA
LocalFree
lstrcpyA
LocalAlloc
lstrlenA
lstrcmpiA
lstrcatA
ReadFile
GetFileSize
Sleep
CreateFileA
GetFileAttributesA
CloseHandle
SetFilePointer
DeleteFileA
WriteFile
GetLastError
GetCurrentDirectoryA
GetCommandLineA
lstrcpynA
GetTempFileNameA
CreateDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetShortPathNameA
WaitForSingleObject
CreateProcessA
SetFileAttributesA
CopyFileA
GetProcAddress
FreeEnvironmentStringsA
GetVersion
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameA
HeapCreate
HeapDestroy
GetOEMCP
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetACP
VirtualFree
RtlUnwind
VirtualAlloc
GetCPInfo

user32

LoadStringA
wsprintfA
IsCharAlphaA
MessageBoxA
CharUpperA
wvsprintfA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PhoneSetupCreator/bin/Makecab.exe
.exe windows:4 windows x86 arch:x86

4bbf00470be7bafe4698d3b35c055e2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetFileAttributesA
CloseHandle
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
CreateFileA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetLastError
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFileType
ReadFile
WriteFile
SetFilePointer
DeleteFileA
FindClose
FileTimeToSystemTime
FindFirstFileA
CreateDirectoryA
GetCurrentDirectoryA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
GetDriveTypeA
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetProcAddress
GetModuleHandleA
SetEndOfFile
SetHandleCount
GetStdHandle
GetStartupInfoA
SetStdHandle
GetFullPathNameA
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
LoadLibraryA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PhoneSetupCreator/bin/cabwiz.ddf

Sharing

General

Malware Config

Signatures

Files

cf8356136d0fd06032b78d1062e3ef46

Headers

File Characteristics

Imports

comctl32

comdlg32

gdi32

kernel32

mpr

ole32

oleaut32

shell32

user32

version

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 299KB - Virtual size: 299KB

.bss Size: - Virtual size: 20KB

.idata Size: 11KB - Virtual size: 11KB

.rsrc Size: 139KB - Virtual size: 139KB

91310f95a1b02d9d523bc53547d1cfa8

Headers

File Characteristics

Imports

setupapi

kernel32

user32

Sections

.text Size: 44KB - Virtual size: 43KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 16KB - Virtual size: 14KB

4bbf00470be7bafe4698d3b35c055e2a

Headers

File Characteristics

Imports

kernel32

version

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 299KB - Virtual size: 299KB

.bss
Size: - Virtual size: 20KB

.idata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 139KB - Virtual size: 139KB

.text
Size: 44KB - Virtual size: 43KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 16KB - Virtual size: 14KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB