07e8bf848f5abca32d2e06fc184f04b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07e8bf848f5abca32d2e06fc184f04b1_JaffaCakes118
Size

592KB
MD5

07e8bf848f5abca32d2e06fc184f04b1
SHA1

29ac62f79775a5078dfe28eb13691c6f38c29a27
SHA256

b975b7871b1f0878c3b5d13e374f2ac440fac36200612eeb02722fed477fc75a
SHA512

d064b06fccd8b7cc1da8ded2a4036e3450ba7397870179fa383a5f08de61a273c858583a4e05547894d6497304273dc0f268bae7a0c480f6e9682e738a7a6534
SSDEEP

12288:fK4araKXb9EwuNIHdJ14ZkqyC4Km/aAzYB5m9T/XoV0ySmrF/H:fGLXbm9IHb5PTiuNALvrFf

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Plugins/ABBYY License.dll
unpack001/Plugins/Aborange.de.dll
unpack001/Plugins/Alcohol 1.x-2.x.dll
unpack001/Plugins/BlindWrite.dll
unpack001/Plugins/Empty Keys.dll
unpack001/Plugins/GAlcott.com.dll
unpack001/Plugins/Namo.dll
unpack001/Plugins/Reflexive.dll
unpack001/Plugins/Teklynx.dll
unpack001/Plugins/Zylom.dll
unpack001/Trial-Reset.exe

Files

07e8bf848f5abca32d2e06fc184f04b1_JaffaCakes118
.zip
Lists/AkaraExeLock320.txt
Lists/BlumentalsSoftware.txt
Lists/EditPlus.txt
Lists/EleFun Games.txt
Lists/GoldWave.txt
Lists/NetMeter.txt
Lists/PECompact.txt
Lists/REAL Studio 2010r1.txt
Lists/RegHide.txt
Lists/Reggie.txt
Lists/Trialware Dialog.txt
Lists/WinImage.txt
Lists/WinRAR.txt
Lists/WinRK.txt
Lists/WinZip.txt
Plugins/ABBYY License.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 9KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Aborange.de.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Alcohol 1.x-2.x.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 9KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/BlindWrite.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 7KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Empty Keys.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/GAlcott.com.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 7KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Namo.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Reflexive.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Teklynx.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Zylom.dll
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Trial-Reset.chm
.chm
Trial-Reset.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 245KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
src/Declarations.bas
src/FRMAbout.frm
src/FRMAbout.frx
src/FRMAdd.frm
.vbs
src/FRMAdd.frx
src/FRMMain.frm
.vbs
src/FRMMain.frx
src/FRMProtect.frm
.vbs
src/FRMProtect.frx
src/FRMSTClear.frm
.vbs
src/FRMSTClear.frx
src/FRMToolbar.frm
.vbs
src/FRMView.frm
.vbs
src/FRMView.frx
src/FRmToolbar.frx
src/Functions.bas
.vbs
src/Help/Trial-Reset.hhc
.html
src/Help/Trial-Reset.hhk
.html
src/Help/Trial-Reset.hhp
src/Help/commandline.htm
.html
src/Help/edit.htm
.html
src/Help/file.htm
.html
src/Help/history.htm
.html
src/Help/license.htm
.html
src/Help/options.htm
.html
src/Help/requirements.htm
.html
src/Help/shortcut.htm
.html
src/Help/supported.htm
.html
src/Help/welcome.htm
.html
src/Plugins/ABBYY License/ABBYY License.vbp
src/Plugins/ABBYY License/Plugin.bas
.vbs
src/Plugins/ABBYY License/icon.res
src/Plugins/Aborange/Aborange.vbp
src/Plugins/Aborange/Plugin.bas
.vbs
src/Plugins/Aborange/icon.res
src/Plugins/Alcohol Soft/Alcohol.vbp
src/Plugins/Alcohol Soft/Plugin.bas
.vbs
src/Plugins/Alcohol Soft/icon.res
src/Plugins/BlindWrite/BlindWrite.vbp
src/Plugins/BlindWrite/Plugin.bas
.vbs
src/Plugins/BlindWrite/icon.res
src/Plugins/Empty_Keys/Empty_Keys.vbp
src/Plugins/Empty_Keys/Plugin.bas
.vbs
src/Plugins/Empty_Keys/icon.res
src/Plugins/Functions.bas
.vbs
src/Plugins/GAlcott/GAlcott.vbp
src/Plugins/GAlcott/Plugin.bas
src/Plugins/GAlcott/icon.res
src/Plugins/Namo/Namo.vbp
src/Plugins/Namo/Plugin.bas
src/Plugins/Namo/icon.res
src/Plugins/Reflexive/Plugin.bas
.vbs
src/Plugins/Reflexive/Reflexive.vbp
src/Plugins/Reflexive/icon.res
src/Plugins/Teklynx/Plugin.bas
.vbs
src/Plugins/Teklynx/Teklynx.vbp
src/Plugins/Teklynx/icon.res
src/Plugins/Zylom/Plugin.bas
.vbs
src/Plugins/Zylom/Zylom.vbp
src/Plugins/Zylom/icon.res
src/Registry.bas
.vbs
src/Scanners.bas
.vbs
src/TrialReset.res
src/TrialReset.vbp

Sharing

General

Malware Config

Signatures

Files

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 9KB - Virtual size: 40KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 8KB - Virtual size: 36KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 9KB - Virtual size: 36KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 7KB - Virtual size: 32KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 8KB - Virtual size: 36KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 7KB - Virtual size: 32KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 8KB - Virtual size: 32KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 8KB - Virtual size: 36KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 8KB - Virtual size: 36KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

.text
Size: 9KB - Virtual size: 40KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 9KB - Virtual size: 36KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 7KB - Virtual size: 32KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 7KB - Virtual size: 32KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 32KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 32KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 245KB - Virtual size: 1.2MB

.rsrc
Size: 5KB - Virtual size: 8KB