06bcecfe70ee353a1630978ef497c884_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

06bcecfe70ee353a1630978ef497c884_JaffaCakes118
Size

62KB
MD5

06bcecfe70ee353a1630978ef497c884
SHA1

285415d89186e8670549b77b2f03e641caa8145c
SHA256

7379e1db63a706677144972f30ae4261d04b24e3663280ae662ecd1987c2e2b6
SHA512

e195514f592a617e37ba0ec5f044d9054118cddc412120e220bedfd425d46ed8e7ee71cf9080ba8acf6dee29a3bfc7499da1451af798994070c5726c40cae7c8
SSDEEP

1536:aHtVhPKmAOQQI9eSQhjm6QvO4lmvHU5LwjaKYVGvSRDqyQqJ:wZKv79RQk6Jfv0pwjaKYVGvuqyQqJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack002/3epLin.exe
unpack003/RApTor_CD.exe
unpack004/Q317_UZNIK.exe

Files

06bcecfe70ee353a1630978ef497c884_JaffaCakes118
.rar
3epLin.rar
.rar
3epLin.exe
.exe windows:4 windows x86 arch:x86

79fd079e9d3e0619831be2cf92afa94a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
ShowWindow
SetWindowTextA
SetWindowPos
SetTimer
SetForegroundWindow
SetCursorPos
SetClipboardData
SendNotifyMessageA
SendMessageTimeoutA
SendMessageA
RegisterWindowMessageA
RegisterClassExA
PostQuitMessage
OpenClipboard
MoveWindow
ModifyMenuA
MessageBoxA
MapWindowPoints
LoadIconA
LoadCursorA
LoadBitmapA
UpdateWindow
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
InsertMenuItemA
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindow
GetSystemMenu
GetSubMenu
GetParent
GetMessageA
GetMenuStringA
GetMenuItemID
GetMenuItemCount
GetMenu
GetForegroundWindow
GetDesktopWindow
GetCursorPos
keybd_event
mouse_event
KillTimer
GetClipboardData
GetClientRect
GetClassNameA
GetAsyncKeyState
EnumWindows
EnumChildWindows
EnableWindow
EnableMenuItem
EmptyClipboard
DrawMenuBar
DispatchMessageA
DefWindowProcA
CreateWindowExA
CloseClipboard
wsprintfA

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
WriteProcessMemory
WriteFile
WaitForSingleObject
VirtualProtectEx
VirtualFree
VirtualAlloc
TerminateThread
TerminateProcess
SystemTimeToFileTime
Sleep
SetPriorityClass
SetLocalTime
SetFileTime
SetFilePointer
SetFileAttributesA
SetEndOfFile
SetCurrentDirectoryA
RtlMoveMemory
ResumeThread
RemoveDirectoryA
ReadProcessMemory
ReadFile
OpenProcess
MoveFileA
LocalFileTimeToFileTime
LoadLibraryA
InterlockedIncrement
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
GetLastError
GetFileTime
GetFileSize
GetFileAttributesA
GetExitCodeProcess
GetCurrentProcess
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
GetCurrentDirectoryA
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
FileTimeToSystemTime

shell32

ShellExecuteExA
DragQueryFileA
DragFinish

gdi32

DeleteObject

advapi32

RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

winmm

timeSetEvent
timeKillEvent

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FIX_3epLin.reg
RApTor_CD.rar
.rar
RApTor_CD.exe
.exe windows:4 windows x86 arch:x86

79fd079e9d3e0619831be2cf92afa94a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
ShowWindow
SetWindowTextA
SetWindowPos
SetTimer
SetForegroundWindow
SetCursorPos
SetClipboardData
SendNotifyMessageA
SendMessageTimeoutA
SendMessageA
RegisterWindowMessageA
RegisterClassExA
PostQuitMessage
OpenClipboard
MoveWindow
ModifyMenuA
MessageBoxA
MapWindowPoints
LoadIconA
LoadCursorA
LoadBitmapA
UpdateWindow
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
InsertMenuItemA
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindow
GetSystemMenu
GetSubMenu
GetParent
GetMessageA
GetMenuStringA
GetMenuItemID
GetMenuItemCount
GetMenu
GetForegroundWindow
GetDesktopWindow
GetCursorPos
keybd_event
mouse_event
KillTimer
GetClipboardData
GetClientRect
GetClassNameA
GetAsyncKeyState
EnumWindows
EnumChildWindows
EnableWindow
EnableMenuItem
EmptyClipboard
DrawMenuBar
DispatchMessageA
DefWindowProcA
CreateWindowExA
CloseClipboard
wsprintfA

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
WriteProcessMemory
WriteFile
WaitForSingleObject
VirtualProtectEx
VirtualFree
VirtualAlloc
TerminateThread
TerminateProcess
SystemTimeToFileTime
Sleep
SetPriorityClass
SetLocalTime
SetFileTime
SetFilePointer
SetFileAttributesA
SetEndOfFile
SetCurrentDirectoryA
RtlMoveMemory
ResumeThread
RemoveDirectoryA
ReadProcessMemory
ReadFile
OpenProcess
MoveFileA
LocalFileTimeToFileTime
LoadLibraryA
InterlockedIncrement
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
GetLastError
GetFileTime
GetFileSize
GetFileAttributesA
GetExitCodeProcess
GetCurrentProcess
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
GetCurrentDirectoryA
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
FileTimeToSystemTime

shell32

ShellExecuteExA
DragQueryFileA
DragFinish

gdi32

DeleteObject

advapi32

RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

winmm

timeSetEvent
timeKillEvent

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RApTor_CD_FIX.reg
Vir.rar
.rar
Q317_UZNIK.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Q317_UZNIK.exe FIX.reg

Sharing

General

Malware Config

Signatures

Files

79fd079e9d3e0619831be2cf92afa94a

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

advapi32

winmm

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 76KB

.rsrc Size: 25KB - Virtual size: 28KB

79fd079e9d3e0619831be2cf92afa94a

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

advapi32

winmm

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 76KB

.rsrc Size: 25KB - Virtual size: 28KB

Headers

File Characteristics

Sections

Size: - Virtual size: 136KB

Size: 12KB - Virtual size: 12KB

.rsrc Size: 25KB - Virtual size: 28KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 76KB

.rsrc
Size: 25KB - Virtual size: 28KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 76KB

.rsrc
Size: 25KB - Virtual size: 28KB

.rsrc
Size: 25KB - Virtual size: 28KB