75867f08f0189a7e8ade9eab2a32cbdf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75867f08f0189a7e8ade9eab2a32cbdf_JaffaCakes118
Size

1.5MB
MD5

75867f08f0189a7e8ade9eab2a32cbdf
SHA1

0e6609abddd638ed68ba9c35666b9088e0d3436a
SHA256

db2e0feab5aad9e15a71e046997adfa124a95d645d2bb0a563a5268cddbcc8c3
SHA512

5f23481d61e75b546d5fd2f97f5690f2c5d1f77b99d60894428303950a7e67c7a620390d3f5820950013a5c9cd023bf6567f3a0872001c99c133565f28a6d850
SSDEEP

24576:44bYav1i5SHJAL8Mrg1z1PSW9vASwIMI6qhB63ywtiC+h4SUgtEGqJxyJvUxQr:cOai1FS8hMh93ywtN+h41aEGwnxQr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CHMEditor/chmeditor.exe

Files

75867f08f0189a7e8ade9eab2a32cbdf_JaffaCakes118
.rar
CHMEditor/CHMEditor.chm
.chm
CHMEditor/Languages/Brazilian Portuguese.lng
CHMEditor/Languages/Brazilian Portuguese.tips
CHMEditor/Languages/Chinese Traditional.lng
CHMEditor/Languages/Chinese Traditional.tips
CHMEditor/Languages/Simplified Chinese.lng
CHMEditor/Languages/Simplified Chinese.tips
CHMEditor/Languages/Traditional Chinese.lng
CHMEditor/Languages/Traditional Chinese.tips
CHMEditor/Languages/arabic.lng
CHMEditor/Languages/arabic.tips
CHMEditor/Languages/czech.lng
CHMEditor/Languages/czech.tips
CHMEditor/Languages/dutch.lng
CHMEditor/Languages/dutch.tips
CHMEditor/Languages/english.lng
CHMEditor/Languages/english.tips
CHMEditor/Languages/farsi.lng
CHMEditor/Languages/farsi.tips
CHMEditor/Languages/polski.lng
CHMEditor/Languages/polski.tips
CHMEditor/Languages/russian.lng
CHMEditor/Languages/russian.tips
CHMEditor/Languages/spanish.lng
CHMEditor/Languages/spanish.tips
CHMEditor/Templates/None.chm
.chm
CHMEditor/Templates/simple blue.chm
.chm
CHMEditor/Templates/simple green.chm
.chm
CHMEditor/Templates/simple orange.chm
.chm
CHMEditor/chmeditor.exe
.exe windows:4 windows x86 arch:x86

5b31193d7ff614418196b451934dcb2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegSetValueExW

comctl32

_TrackMouseEvent

comdlg32

ChooseFontA

gdi32

UnrealizeObject

imm32

ImmGetVirtualKey

mpr

WNetGetConnectionA

ole32

CreateStreamOnHGlobal

oleaut32

SafeArrayPtrOfIndex

shell32

ShellExecuteExA

urlmon

CoInternetCreateZoneManager

user32

CreateWindowExW

version

VerQueryValueA

wininet

InternetSetOptionA

winmm

timeGetTime

winspool.drv

OpenPrinterA

Sections

.text
Size: 1.4MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CHMEditor/chmeditor.ini
CHMEditor/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

5b31193d7ff614418196b451934dcb2f

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

imm32

mpr

ole32

oleaut32

shell32

urlmon

user32

version

wininet

winmm

winspool.drv

Sections

.text Size: 1.4MB - Virtual size: 4.3MB

.rsrc Size: 61KB - Virtual size: 64KB

.text
Size: 1.4MB - Virtual size: 4.3MB

.rsrc
Size: 61KB - Virtual size: 64KB