55aa5cce3a5cd40e1d0eab00df3f0a71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

55aa5cce3a5cd40e1d0eab00df3f0a71_JaffaCakes118
Size

1.0MB
MD5

55aa5cce3a5cd40e1d0eab00df3f0a71
SHA1

b244962defbae365f73b0198cd4ac00f9b679578
SHA256

611f31ca9ba17535400f55e73d07268cb1ea2162a9c32942492b9849c270fca9
SHA512

fffc224abc4834540b45e3b5e70758058350e5942694abb19b554f01a7a34a660306ba45ec93755b79ca62e6397e66f7719b0d14be4b710e4e9a90bedaca6156
SSDEEP

24576:rqseoj46ts9j37guvsWAZ+tkKD9O5oTDaDx28TyDzw:rqs9Mxj3sKxAZBGO5n2i

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PS磨皮优化滤镜/Portraiture.8BF
unpack001/PS磨皮优化滤镜/keygen.exe

Files

55aa5cce3a5cd40e1d0eab00df3f0a71_JaffaCakes118
.rar
PS磨皮优化滤镜/Portraiture.8BF
.dll windows:5 windows x86 arch:x86

c57c8c5072c46f855c16a3efc7e57d18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

TransparentBlt
GradientFill

kernel32

VirtualFree
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
LoadLibraryA
GetProcessHeap
FreeLibrary
FreeResource
LockResource
LoadResource
FindResourceA
GetCurrentThreadId
LocalFree
FormatMessageA
GetFileAttributesA
SetProcessAffinityMask
Sleep
GetProcessAffinityMask
GetCurrentProcess
SetEndOfFile
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetModuleFileNameA
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
VirtualAlloc
HeapDestroy
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetCommandLineA
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
VirtualQuery
CreateFileA
GetCurrentProcessId
HeapFree
HeapAlloc
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
CreateFileW
WriteFile
DeleteFileW
CreateDirectoryA
GetSystemInfo
CopyFileA
DeleteFileA
OutputDebugStringA
CreateThread
CreateEventA
SetEvent
WaitForSingleObject
ReleaseMutex
CloseHandle
CreateMutexA
GlobalAlloc
GlobalLock
GlobalUnlock
ExitProcess
SetEnvironmentVariableA

user32

SetClassLongA
DefWindowProcA
GetSysColor
FillRect
DrawTextA
ReleaseDC
GetWindowDC
LoadImageA
KillTimer
SetTimer
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
PeekMessageA
PostMessageA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogIndirectParamA
MonitorFromWindow
GetMonitorInfoA
GetClientRect
EndDialog
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
SetActiveWindow
GetDesktopWindow
GetWindow
IsZoomed
SetCapture
MonitorFromPoint
GetWindowTextA
SetWindowTextA
SetWindowLongA
CreateWindowExA
GetKeyState
SetFocus
GetFocus
LoadCursorA
SetCursor
GetWindowRect
MoveWindow
InvalidateRect
UpdateWindow
RedrawWindow
ShowWindow
SetWindowPos
DestroyWindow
IsWindow
GetWindowLongA
GetCursorPos
ScreenToClient
BeginPaint
EndPaint
GetParent
TrackMouseEvent
CallWindowProcA
SetMenuItemInfoA
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetMenuItemCount
AppendMenuA
ClientToScreen
TrackPopupMenuEx
GetCapture
ReleaseCapture
IsMenu
DestroyMenu
CreatePopupMenu
SendMessageA
SetRect
GetDlgItem
EnableWindow
GetActiveWindow
MessageBoxA
GetWindowTextLengthA
GetClassLongA

gdi32

GetObjectA
Polyline
Polygon
CreateCompatibleDC
DeleteDC
CreateSolidBrush
CreatePen
MoveToEx
LineTo
SetPixel
SetDIBitsToDevice
CreateFontIndirectA
SetICMMode
SetTextColor
SetBkMode
SelectObject
DeleteObject
BitBlt
CreateCompatibleBitmap
SelectClipRgn
CreateRectRgn
SetStretchBltMode
SetBrushOrgEx
Ellipse
StretchBlt
GetStretchBltMode
CreateDIBSection

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA
SHGetFolderPathA

wininet

InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetOpenA

Exports

Exports

PluginMain
_NoisewareProc@16

Sections

.text
Size: 691KB - Virtual size: 690KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PS磨皮优化滤镜/keygen.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 309KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c57c8c5072c46f855c16a3efc7e57d18

Headers

File Characteristics

Imports

msimg32

kernel32

user32

gdi32

advapi32

shell32

wininet

Exports

Exports

Sections

.text Size: 691KB - Virtual size: 690KB

.rdata Size: 176KB - Virtual size: 176KB

.data Size: 14KB - Virtual size: 92KB

.rsrc Size: 395KB - Virtual size: 394KB

.reloc Size: 74KB - Virtual size: 73KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 309KB - Virtual size: 2.9MB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 691KB - Virtual size: 690KB

.rdata
Size: 176KB - Virtual size: 176KB

.data
Size: 14KB - Virtual size: 92KB

.rsrc
Size: 395KB - Virtual size: 394KB

.reloc
Size: 74KB - Virtual size: 73KB

.text
Size: 309KB - Virtual size: 2.9MB

.rsrc
Size: 9KB - Virtual size: 12KB