94a9573c457fc90d013c9331f645e614_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94a9573c457fc90d013c9331f645e614_JaffaCakes118
Size

6.4MB
MD5

94a9573c457fc90d013c9331f645e614
SHA1

b5726a456262c6680cda26a6d4ca89ec66baa302
SHA256

7f761fa9ae82c5e5bc42cf91e69cf804c5e6e88f08aade3523cccc79c4810f4e
SHA512

629423faa3f444a5815f8d8fad5d658e0305dc50ba1dcfec560857fa247591fe40585344878f0d8717d03d8179e4415d647026141fa55d5b6ac6745ec6d9fff9
SSDEEP

196608:57hP9l4/UFx3KQbgo042xCFhP9hCc1WA+2pOp23jL/OXRM:57hP9lvL4pC1hqA/jL2XRM

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/keygen.exe
unpack001/windows7manager.exe

Files

94a9573c457fc90d013c9331f645e614_JaffaCakes118
.zip
155ɫվ.url
.url
CORE.NFO
FILE_ID.DIZ
keygen.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\chris\Documents\Visual Studio 2008\Projects\AllYamicsoftKeygen\obj\Release\GuiKeygenTemplate.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
windows7manager.exe
.exe windows:5 windows x86 arch:x86

b21e172d4023b3af223a893c705b3225

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\BranchAI\win\Release\stubs\x86u\ExternalUi.pdb

Imports

kernel32

GetLastError
GetDriveTypeW
CompareStringW
lstrcmpiW
lstrlenW
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
HeapCreate
ExitProcess
GetModuleFileNameA
TlsFree
TlsSetValue
TlsAlloc
LoadLibraryW
LCMapStringW
LCMapStringA
DeleteCriticalSection
GetStringTypeW
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LoadLibraryA
LocalAlloc
PeekNamedPipe
GetStdHandle
TerminateProcess
OpenProcess
SearchPathW
ConnectNamedPipe
CreateNamedPipeW
GetVersion
GetExitCodeProcess
CreateProcessW
GetDiskFreeSpaceExW
ResetEvent
MoveFileW
TerminateThread
GetSystemTime
GetEnvironmentVariableW
GetWindowsDirectoryW
GetSystemDirectoryW
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpW
CreateFileW
WriteFile
CreateMutexW
GetFileSize
ReadFile
GlobalFree
GetTempPathW
FindFirstFileW
DeleteFileW
InterlockedExchange
WideCharToMultiByte
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
FindClose
CreateFileA
GetFileAttributesW
GetLogicalDriveStringsW
FindNextFileW
RemoveDirectoryW
GetCPInfo
GetProcAddress
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateDirectoryW
GetCurrentProcessId
CloseHandle
GetExitCodeThread
OutputDebugStringW
GlobalMemoryStatus
GetUserDefaultLangID
SetEvent
GetSystemDefaultLangID
GetLocaleInfoW
EnumResourceLanguagesW
SetFilePointer
CopyFileW
SetCurrentDirectoryW
FlushFileBuffers
LocalFree
FormatMessageW
SetFileAttributesW
GetShortPathNameW
GetTempFileNameW
GetCurrentThread
CreateThread
GetVersionExW
WaitForSingleObject
CreateEventW
SetLastError
FlushInstructionCache
GetCurrentProcess
Sleep
RaiseException
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
TlsGetValue
MulDiv

user32

SetFocus
GetDC
ReleaseDC
GetWindowRect
SendMessageW
GetSysColorBrush
IsWindowVisible
IntersectRect
EqualRect
MapWindowPoints
GetWindowLongW
PtInRect
IsRectEmpty
SetRectEmpty
GetClientRect
ClientToScreen
SetWindowPos
OffsetRect
GetSystemMetrics
GetWindowTextW
GetWindowTextLengthW
DrawIconEx
GetComboBoxInfo
DrawFrameControl
RegisterWindowMessageW
CreateAcceleratorTableW
InvalidateRgn
GetDesktopWindow
DestroyAcceleratorTable
GetKeyState
DrawTextExW
DrawStateW
ValidateRect
DestroyMenu
AppendMenuW
CreatePopupMenu
TrackPopupMenu
InflateRect
LoadBitmapW
CharNextW
DrawFocusRect
GetClassNameW
ReleaseCapture
GetCapture
SetCapture
UpdateWindow
GetDlgCtrlID
SetScrollInfo
GetScrollPos
GetClassInfoExW
RegisterClassExW
SetScrollPos
EndPaint
FillRect
SetRect
BeginPaint
MoveWindow
GetScrollInfo
ScreenToClient
GetMessagePos
GetSysColor
RedrawWindow
DestroyIcon
SystemParametersInfoW
GetActiveWindow
TrackMouseEvent
GetAsyncKeyState
GetWindowDC
KillTimer
CreateWindowExW
DestroyCursor
GetWindowRgn
DrawTextW
IsZoomed
SetWindowRgn
CreateDialogParamW
EndDialog
DialogBoxParamW
GetNextDlgTabItem
CopyRect
IsWindowEnabled
SetCursor
GetWindow
MonitorFromWindow
GetMonitorInfoW
LoadImageW
InvalidateRect
IsDialogMessageW
IsChild
GetFocus
PostQuitMessage
IsWindow
LoadStringW
MessageBoxW
PostMessageW
SetForegroundWindow
SetCursorPos
GetCursorPos
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
ShowWindow
LoadCursorW
GetParent
GetPropW
GetForegroundWindow
MsgWaitForMultipleObjects
GetSystemMenu
ModifyMenuW
FindWindowW
ExitWindowsEx
SetPropW
RemovePropW
EnableMenuItem
LoadMenuW
GetSubMenu
SetTimer
LoadIconW
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
UnregisterClassA
CallWindowProcW
SetWindowLongW
GetDlgItem
SetWindowTextW
DestroyWindow
EnableWindow
DefWindowProcW

gdi32

GetTextMetricsW
ExtTextOutW
SetBkColor
GetWindowExtEx
GetViewportExtEx
SetMapMode
GetMapMode
CreateDIBSection
CreateFontIndirectW
GetObjectW
CreateSolidBrush
GetRgnBox
EqualRgn
CreatePolygonRgn
CreateRectRgnIndirect
GetStockObject
GetBitmapBits
ExcludeClipRect
SelectClipRgn
CreateRectRgn
SetBkMode
SetTextColor
SetViewportOrgEx
GetDeviceCaps
SetBrushOrgEx
CreatePatternBrush
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
CreateBitmapIndirect
CreateFontW

advapi32

LookupPrivilegeValueW
OpenProcessToken
StartServiceW
QueryServiceStatus
OpenServiceW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
OpenSCManagerW
LockServiceDatabase
UnlockServiceDatabase
CloseServiceHandle
GetUserNameW
RegOpenKeyW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteW

ole32

CoGetClassObject
CoCreateInstance
CLSIDFromString
OleInitialize
CoUninitialize
CoInitializeEx
CoTaskMemFree
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoInitialize
CoTaskMemRealloc
CLSIDFromProgID

oleaut32

SysStringByteLen
OleLoadPicture
VarDateFromStr
VarUI4FromStr
LoadRegTypeLi
SysAllocStringByteLen
OleCreateFontIndirect
VariantChangeType
VariantCopy
VariantInit
VariantClear
SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen
LoadTypeLi

dbghelp

SymSetOptions
SymInitialize
StackWalk
SymCleanup
SymGetLineFromAddr
SymGetSymFromAddr
SymFunctionTableAccess
SymGetModuleBase

shlwapi

PathIsUNCW
PathFileExistsW

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon
ImageList_SetBkColor
ImageList_LoadImageW
InitCommonControlsEx
DestroyPropertySheetPage
PropertySheetW
CreatePropertySheetPageW
ImageList_Create
_TrackMouseEvent
ImageList_Destroy

msimg32

TransparentBlt

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

Sections

.text
Size: 675KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 76KB - Virtual size: 76KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

b21e172d4023b3af223a893c705b3225

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

dbghelp

shlwapi

comctl32

msimg32

version

comdlg32

Sections

.text Size: 675KB - Virtual size: 675KB

.rdata Size: 161KB - Virtual size: 160KB

.data Size: 9KB - Virtual size: 33KB

.rsrc Size: 88KB - Virtual size: 87KB

.reloc Size: 69KB - Virtual size: 68KB

.text
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 675KB - Virtual size: 675KB

.rdata
Size: 161KB - Virtual size: 160KB

.data
Size: 9KB - Virtual size: 33KB

.rsrc
Size: 88KB - Virtual size: 87KB

.reloc
Size: 69KB - Virtual size: 68KB