088584786d96c6870494abddbfd6fbb9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

088584786d96c6870494abddbfd6fbb9_JaffaCakes118
Size

605KB
MD5

088584786d96c6870494abddbfd6fbb9
SHA1

d64e9f3b65921385ef6836159ba2be05fb4753d6
SHA256

abb43722869a9b58c8f2deb4806d2ab05d35e9f5a88d70ebd3ce954a10119c08
SHA512

aff4821550246d9754b7fe1e7dafea4becd13ec14b17be4ab34a4813b854e8f2c1c058234b84142eb9d76f777d211e76c93a6d54d1db5d7955cbbd745bdc62b1
SSDEEP

12288:HaIioohAPJNZ0XndKAWB/RwpCMhuq6U+fhxsaf:H5iJ6ZEWZRaMnU+fDsaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Advanced.EFS.Data.Recovery.3.0.WinAll.Cracked-ARN/crack/aefsdr.exe

Files

088584786d96c6870494abddbfd6fbb9_JaffaCakes118
.zip
Advanced.EFS.Data.Recovery.3.0.WinAll.Cracked-ARN/arn.nfo
Advanced.EFS.Data.Recovery.3.0.WinAll.Cracked-ARN/crack/aefsdr.exe
.exe windows:4 windows x86 arch:x86

b04ca79355aac5d58bb342587753a743

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
LookupAccountSidW
GetTokenInformation
OpenProcessToken
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA
GetUserNameW
GetUserNameA
LookupAccountSidA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
FreeSid
SetSecurityDescriptorDacl
GetAce
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
GetLengthSid
RegCreateKeyExA
RegQueryValueA
RegCloseKey
RegDeleteKeyA
RegSetValueA
RegEnumKeyExA
RegSetKeySecurity
AllocateAndInitializeSid

comctl32

ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_GetIcon
ImageList_Draw
CreateMappedBitmap
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Create
InitCommonControls
ImageList_DrawIndirect

gdi32

SelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
GetBkColor
SetRectRgn
CombineRgn
EnumFontFamiliesExA
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
GetTextMetricsA
GetCharWidthA
StretchDIBits
CreateBitmap
CreateRectRgn
GetStockObject
GetObjectA
Escape
GetTextExtentPoint32A
ExtTextOutA
TextOutA
PatBlt
Rectangle
Ellipse
RectVisible
PtVisible
GetBkMode
GetDeviceCaps
CreateCompatibleBitmap
CreateFontIndirectA
CreateHatchBrush
CreatePen
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetTextExtentPoint32W
DeleteObject
DPtoLP
CreateFontA
DeleteDC
CreateDIBitmap
CreateSolidBrush
CreateDCA

kernel32

VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
HeapCreate
LoadLibraryA
GetWindowsDirectoryA
GetVersion
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceExA
GetVolumeNameForVolumeMountPointA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
lstrcmpiA
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
ReadFile
CreateFileA
MultiByteToWideChar
HeapDestroy
HeapSize
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
VirtualQuery
VirtualAlloc
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
SetErrorMode
GetOEMCP
FindResourceExA
SetEndOfFile
FlushFileBuffers
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedDecrement
SetLastError
MulDiv
GlobalGetAtomNameA
LocalFree
LocalAlloc
LockResource
LoadResource
FindResourceA
FormatMessageA
CreateDirectoryA
GetEnvironmentVariableW
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
GetCurrentThread
WideCharToMultiByte
GlobalFindAtomA
lstrcatA
lstrcmpW
lstrcpynA
VirtualProtect
GlobalAddAtomA
GetCurrentThreadId
GlobalDeleteAtom
VirtualQueryEx
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCPInfo
GetSystemTime
GetSystemDefaultLangID
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateThread
SetThreadPriority
lstrlenA
lstrlenW
CompareStringA
CompareStringW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
SizeofResource
FreeResource
SetFileTime
DeviceIoControl
TerminateThread
GetLocalTime
GetFileSize
GetComputerNameA
GlobalMemoryStatus
WriteFile
FindFirstFileA
FindNextFileA
FindClose
OpenProcess
GetSystemInfo
ReadProcessMemory
FreeLibrary
GetProcAddress

oleaut32

VariantInit
VariantChangeType
SysAllocStringLen
VariantClear

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHGetMalloc

shlwapi

PathFindFileNameA
PathFindExtensionA

user32

WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
InflateRect
GetMenuStringA
RegisterWindowMessageA
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsChild
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetScrollPos
SetForegroundWindow
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
UnregisterClassA
DefWindowProcA
IntersectRect
IsIconic
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
MoveWindow
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
IsZoomed
MapDialogRect
ShowWindow
GetCapture
GetAsyncKeyState
SetFocus
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
ValidateRect
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
PostQuitMessage
FrameRect
IsWindow
DrawFocusRect
KillTimer
SetTimer
ReleaseDC
GetDC
RemoveMenu
ModifyMenuA
InsertMenuA
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
TabbedTextOutA
DrawEdge
LoadBitmapA
CopyRect
GetSysColorBrush
FillRect
GetSystemMetrics
DrawTextA
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetMenuItemInfoA
LoadImageA
wsprintfA
GetWindow
RedrawWindow
SetMenu
OffsetRect
IsMenu
TranslateAcceleratorA
GetDCEx
LockWindowUpdate
WinHelpA
LoadAcceleratorsA
SetCapture
SetRect
PtInRect
ReleaseCapture
CallWindowProcA
TranslateMessage
SetWindowLongA
SetActiveWindow
GetClientRect
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
DestroyCursor
GetSysColor
InvalidateRect
UpdateWindow
DeleteMenu
LoadMenuA
GetSubMenu
GetCursorPos
LoadCursorA
SetParent
SetMenuItemBitmaps
SetCursor
EnableMenuItem
PostMessageA
LoadIconA
SendMessageA
GetParent
GetFocus
DialogBoxParamA
SetWindowTextA
SetDlgItemTextA
GetDlgItemTextA
EndDialog
GetWindowRect
SetWindowPos
EnableWindow
MessageBoxA
SetRectEmpty

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 519KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 42KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 423KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 4.9MB

.as_0001
Size: 114KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 8KB

.as_0002
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Advanced.EFS.Data.Recovery.3.0.WinAll.Cracked-ARN/file_id.diz
Advanced.EFS.Data.Recovery.v3.0.RETAIL-YAG/YAG.nfo
Advanced.EFS.Data.Recovery.v3.0.RETAIL-YAG/crack/serial.txt
Advanced.EFS.Data.Recovery.v3.0.RETAIL-YAG/file_id.diz

Sharing

General

Malware Config

Signatures

Files

b04ca79355aac5d58bb342587753a743

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

shell32

shlwapi

user32

version

winspool.drv

comdlg32

ole32

Sections

.text Size: 519KB - Virtual size: 520KB

.data Size: 124KB - Virtual size: 128KB

Size: 42KB - Virtual size: 2.0MB

Size: 3KB - Virtual size: 4KB

.rsrc Size: 423KB - Virtual size: 424KB

.idata Size: 9KB - Virtual size: 12KB

.zero Size: - Virtual size: 4.9MB

.as_0001 Size: 114KB - Virtual size: 120KB

.zero Size: - Virtual size: 8KB

.as_0002 Size: 48KB - Virtual size: 48KB

.text
Size: 519KB - Virtual size: 520KB

.data
Size: 124KB - Virtual size: 128KB

.rsrc
Size: 423KB - Virtual size: 424KB

.idata
Size: 9KB - Virtual size: 12KB

.zero
Size: - Virtual size: 4.9MB

.as_0001
Size: 114KB - Virtual size: 120KB

.zero
Size: - Virtual size: 8KB

.as_0002
Size: 48KB - Virtual size: 48KB