fd5f8cac4960fbbf36cfe925d14aa86d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd5f8cac4960fbbf36cfe925d14aa86d_JaffaCakes118
Size

42KB
MD5

fd5f8cac4960fbbf36cfe925d14aa86d
SHA1

37262d7ff1b1e4f33119c3e33dca36f9f32e2254
SHA256

f8a21309c56528719876da49fa83e0723dc56ea17c59a42660d6731acc4d94dd
SHA512

b93f196870fce78e90358f133a8aacbb0208b5bb2118113edcc5b4c6d9a8c490982a4875215798e7a3afc3730868b3cc0635d99554843548becb8bdbca26c195
SSDEEP

768:NUA2k+l3l5adn/s/5PSpZSJGsO5nJKHiDdb+ubq4EQtefEs1S0rWV9Z8f:Nj+6sc9L5n0CD4zg+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IllustKL/IllustKL.exe

Files

fd5f8cac4960fbbf36cfe925d14aa86d_JaffaCakes118
.zip
IllustKL/IllustKL.exe
.exe windows:4 windows x86 arch:x86

c397731fd41289faade6cca8a3d6839a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
ToAsciiEx
ShowWindow
SetFocus
SendMessageA
RegisterClassExA
PostQuitMessage
OpenClipboard
MsgWaitForMultipleObjects
MoveWindow
MessageBoxA
LoadIconA
LoadCursorA
UpdateWindow
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetMessageA
GetKeyboardState
GetKeyboardLayout
GetKeyState
GetForegroundWindow
GetDCEx
GetDC
GetClipboardData
GetAsyncKeyState
DispatchMessageA
DefWindowProcA
LoadBitmapA
CreateWindowExA
CloseClipboard
AttachThreadInput
wsprintfA
GetDlgCtrlID
GetParent
GetWindowLongA
ReleaseCapture
SetCapture
SetWindowLongA
SetWindowPos

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lwrite
_lcreat
_lclose
WriteFile
TerminateProcess
Sleep
SetFilePointer
RemoveDirectoryA
ReleaseMutex
ReadFile
OpenMutexA
GlobalFree
GlobalAlloc
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetCurrentThreadId
GetDiskFreeSpaceA
GetFileSize
GetVersionExA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetTempPathA
GetLastError

gdi32

SelectObject
GetDeviceCaps
GetDIBits
DeleteObject
DeleteDC
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt

shell32

ShellExecuteA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IllustKL/License.txt
IllustKL/help.chm
.chm
IllustKL/order.url

Sharing

General

Malware Config

Signatures

Files

c397731fd41289faade6cca8a3d6839a

Headers

File Characteristics

Imports

user32

kernel32

gdi32

shell32

advapi32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 19KB

.rsrc Size: 250KB - Virtual size: 249KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 19KB

.rsrc
Size: 250KB - Virtual size: 249KB