cf578028cc0baad55092c41b634c76a2_JaffaCakes118

General

Target

cf578028cc0baad55092c41b634c76a2_JaffaCakes118
Size

1.4MB
MD5

cf578028cc0baad55092c41b634c76a2
SHA1

df8ed298b2a8825d827871b664e2b2dcd0813b2c
SHA256

4a19b1d8c6425eedfb46d5051f4f16728d1852288c29f48fb04f1ec72715439d
SHA512

edbde0ae70ac02c2defeb16a172ea6f87e9b2d13110fe2e7c8bc0bcd8a49e193f9948e3bbb1c2391faab85f859470e8674bd822ded9a2027b29eaf861855089e
SSDEEP

24576:2gh3GoVrGonZg10hO+3eJ4uvgAhMSwuQXJ0QPfp/DV/1tGU0XuRRZPIk7z2LCqCu:XBVnnu1r+OJTgAtwuaJjNNHGKRR5Igi/

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Angeliux-setup.exe
unpack001/keygen/keygen.exe

Files

cf578028cc0baad55092c41b634c76a2_JaffaCakes118
.rar
Angeliux-setup.exe
.exe windows:4 windows x86 arch:x86

a3cd138f09c17f81fb64526d63cb2df6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
ExitProcess
DeleteFileA
FreeLibrary
lstrcpyA
GetProcAddress
LoadLibraryA
VirtualFree
CloseHandle
WriteFile
GetWindowsDirectoryA
CreateFileA
lstrcatA
CompareStringA
GetCurrentDirectoryA
lstrlenA
ReadFile
SetFilePointer
VirtualAlloc
GetModuleFileNameA
InterlockedIncrement
GetModuleHandleA

user32

SetCursor
LoadCursorA
wsprintfA
ShowWindow
FindWindowA
MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
keygen/keygen.exe
.exe windows:4 windows x86 arch:x86

ecb147481b26f29fe713ccaa6e1632ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
PostQuitMessage
RegisterClassExA
LoadCursorA
ShowWindow
TranslateMessage
UpdateWindow
GetMessageA
GetDlgItemTextA
DispatchMessageA
DestroyWindow
CreateDialogParamA
DefWindowProcA
SetDlgItemTextA
wsprintfA

kernel32

lstrcatA
GetModuleHandleA
GetCommandLineA
ExitProcess
lstrcpyA

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 909B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

a3cd138f09c17f81fb64526d63cb2df6

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 4B

.data Size: 512B - Virtual size: 604B

.idata Size: 1024B - Virtual size: 766B

.Shared Size: 512B - Virtual size: 4B

.reloc Size: 512B - Virtual size: 434B

.rsrc Size: 3KB - Virtual size: 3KB

ecb147481b26f29fe713ccaa6e1632ab

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 1024B - Virtual size: 909B

.rdata Size: 1024B - Virtual size: 662B

.data Size: 512B - Virtual size: 284B

.rsrc Size: 82KB - Virtual size: 82KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 4B

.data
Size: 512B - Virtual size: 604B

.idata
Size: 1024B - Virtual size: 766B

.Shared
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 434B

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 1024B - Virtual size: 909B

.rdata
Size: 1024B - Virtual size: 662B

.data
Size: 512B - Virtual size: 284B

.rsrc
Size: 82KB - Virtual size: 82KB