776b97d462a603c1136b1bdf4e974f81_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

776b97d462a603c1136b1bdf4e974f81_JaffaCakes118
Size

342KB
MD5

776b97d462a603c1136b1bdf4e974f81
SHA1

79b441cd5cf9c8789c7caf9bfa070b5597d8595f
SHA256

e155159f1a3bb74236472e0f564d676e29fb3642df5c82e7927ea0808b4fd546
SHA512

de4d56c6b0f1382b979b78068627966a16dc4d07a9948cadc960c425db56d813a5b0c0191981eab57fd12e2fdab4b3a2cfb394d6b3af6ec2bac1d6dbb5241a90
SSDEEP

6144:BBg9IcflwskEwapabJjDWc/ZCKjxjwy+3bWRyeXAhAuFeUUWi3OSSF:BC9h9wnljDBJlj/+3zeXyhm3JSF

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Восстановление/mouse.exe
unpack001/Восстановление/variant1/mouse.exe
unpack001/Восстановление/variant2/Help.exe
unpack001/Восстановление/variant2/mouse.exe
unpack001/Генератор вредилок 3.0.exe

Files

776b97d462a603c1136b1bdf4e974f81_JaffaCakes118
.rar
Readme.txt
Восстановление/Readme.txt
Восстановление/mouse.exe
.exe windows:4 windows x86 arch:x86

c1fa29d901b4e8146faf3e65df5934cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SwapMouseButton

Sections

.text
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Восстановление/variant1/EXE.reg
Восстановление/variant1/Help.txt
Восстановление/variant1/Regedit.reg
Восстановление/variant1/mouse.exe
.exe windows:4 windows x86 arch:x86

c1fa29d901b4e8146faf3e65df5934cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SwapMouseButton

Sections

.text
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Восстановление/variant1/Корзина.reg
Восстановление/variant2/EXE.reg
Восстановление/variant2/Help.exe
.exe windows:4 windows x86 arch:x86

67bc8755aa1c8d35680e675f689ea0ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitThread
ExitProcess

user32

wsprintfA
MessageBoxA

advapi32

RegDeleteValueA
RegOpenKeyA

Sections

.text
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Восстановление/variant2/Help.txt
Восстановление/variant2/mouse.exe
.exe windows:4 windows x86 arch:x86

c1fa29d901b4e8146faf3e65df5934cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SwapMouseButton

Sections

.text
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Генератор вредилок 3.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.Upack
Size: 218B - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c1fa29d901b4e8146faf3e65df5934cc

Headers

File Characteristics

Imports

user32

Sections

.text Size: 512B - Virtual size: 14B

.rdata Size: 512B - Virtual size: 86B

c1fa29d901b4e8146faf3e65df5934cc

Headers

File Characteristics

Imports

user32

Sections

.text Size: 512B - Virtual size: 14B

.rdata Size: 512B - Virtual size: 86B

67bc8755aa1c8d35680e675f689ea0ce

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 512B - Virtual size: 98B

.rdata Size: 512B - Virtual size: 302B

.data Size: 512B - Virtual size: 157B

.rsrc Size: 1024B - Virtual size: 960B

c1fa29d901b4e8146faf3e65df5934cc

Headers

File Characteristics

Imports

user32

Sections

.text Size: 512B - Virtual size: 14B

.rdata Size: 512B - Virtual size: 86B

Headers

File Characteristics

Sections

.Upack Size: 218B - Virtual size: 648KB

.rsrc Size: 336KB - Virtual size: 368KB

.text
Size: 512B - Virtual size: 14B

.rdata
Size: 512B - Virtual size: 86B

.text
Size: 512B - Virtual size: 14B

.rdata
Size: 512B - Virtual size: 86B

.text
Size: 512B - Virtual size: 98B

.rdata
Size: 512B - Virtual size: 302B

.data
Size: 512B - Virtual size: 157B

.rsrc
Size: 1024B - Virtual size: 960B

.text
Size: 512B - Virtual size: 14B

.rdata
Size: 512B - Virtual size: 86B

.Upack
Size: 218B - Virtual size: 648KB

.rsrc
Size: 336KB - Virtual size: 368KB