135c34d244633dad46f62371f0a9bef4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

135c34d244633dad46f62371f0a9bef4_JaffaCakes118
Size

132KB
MD5

135c34d244633dad46f62371f0a9bef4
SHA1

2f21919fc29a8716456cebd76280dadfd6bc44ed
SHA256

1438f96a7251547eb964f75b34f5cb2f57bb4ae533fe74a088852e4dd524f006
SHA512

3bce13fc1e468d8325564f3353947104a8ca680ffc2b8f458fc32a8015c3ffbbc1bc6121b54b889184c400c3f0dff488ff5b150d8aa9884236f95e027742eae3
SSDEEP

3072:tpuoIN4wb25HiN3FVnNup4UdZCtM/GVaYgZG/0:SoINcH2FeeICtTVaDZS0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Acronis.True.Image.11.Home.11.serial.number.maker.by.ACME.exe

Files

135c34d244633dad46f62371f0a9bef4_JaffaCakes118
.zip
ACME.nfo
Acronis.True.Image.11.Home.11.serial.number.maker.by.ACME.exe
.exe windows:5 windows x86 arch:x86

51f6597614d102fc05d109c8c9b8d4ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

wcslen
strlen
_vsnwprintf

shlwapi

StrRStrIA
StrToIntExW
StrCSpnIW
StrRChrA
StrDupW
PathAppendW
StrToIntW

shell32

ord685

kernel32

GetFileSize
FindResourceA
LoadResource
ClearCommError
GetNamedPipeHandleStateA
GetCommProperties
GetModuleHandleW
SetFileTime
LoadLibraryA
WideCharToMultiByte
SetThreadPriority
GetProcessVersion
CreateEventW
OpenEventW
SetCurrentDirectoryA
CreateHardLinkA
FlushViewOfFile
DisconnectNamedPipe
GetTickCount
SleepEx
DosDateTimeToFileTime
FileTimeToDosDateTime
WaitNamedPipeW

user32

SetScrollRange
CreateAcceleratorTableW
PostMessageW
RealGetWindowClassW
SetWindowRgn
GetWindow
TranslateMDISysAccel
DestroyIcon
ToUnicode
FindWindowA
RedrawWindow
ReleaseDC
GetDCEx
SetCursorPos
CreateIcon
GetWindowTextA
IsDialogMessageA
GetWindowTextLengthA
CharLowerBuffW
CharPrevExA
DialogBoxParamW
GetLastActivePopup
IsZoomed
InvertRect
DrawTextExA
DrawFocusRect
TranslateMessage
LockWindowUpdate
MessageBoxA
GetAncestor
EnumPropsA
GetWindowTextW
PeekMessageW
GetWindowContextHelpId
GetAltTabInfoW
MapWindowPoints
UnregisterHotKey
GetPropW
DispatchMessageW
GetParent
GetDC
GetMenuItemRect
LoadMenuW

gdi32

GetDIBColorTable
SetColorAdjustment
SetDIBits
SaveDC
PolyPolyline
PtInRegion
GetTextColor
CreateBitmapIndirect
ScaleViewportExtEx
GetCharacterPlacementA
SetMapMode
GetBoundsRect
SetTextColor
AddFontResourceA
GetBitmapBits
GetClipRgn
SetTextAlign

advapi32

GetLengthSid
InitializeSid
AreAllAccessesGranted
EqualPrefixSid

Exports

Exports

__ReadFile@12
__WriteFile@12

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mtemp
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.etable
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FILE_ID.DIZ

Sharing

General

Malware Config

Signatures

Files

51f6597614d102fc05d109c8c9b8d4ea

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.icode Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 260B

.mtemp Size: 512B - Virtual size: 128B

.etable Size: 1024B - Virtual size: 540B

.rsrc Size: 124KB - Virtual size: 123KB

.reloc Size: 1024B - Virtual size: 838B

.text
Size: 2KB - Virtual size: 1KB

.icode
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 260B

.mtemp
Size: 512B - Virtual size: 128B

.etable
Size: 1024B - Virtual size: 540B

.rsrc
Size: 124KB - Virtual size: 123KB

.reloc
Size: 1024B - Virtual size: 838B