fb8bd517e3db8c92f2b4a8480a2a6f13_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb8bd517e3db8c92f2b4a8480a2a6f13_JaffaCakes118
Size

167KB
MD5

fb8bd517e3db8c92f2b4a8480a2a6f13
SHA1

cd6e02ba27d82a0d698cc51e98ad795d0a13eaa1
SHA256

d687f4372fa10a8579d34aa1e923f4d27e45e4f135aa7a2b48236984711358c6
SHA512

42720b64435301d23384951615a85eeb49219a9ddf3489fcd3e2a97b608bd481dcb9a7ea9a0b205d905f39bc2cf158c24f427a67f2c2401e5f213eb51b040214
SSDEEP

3072:wd0awj43izmWaFIaWFKbHHrQrIOiQ7DhsMrYQx4Uk1ZNPIj2cGMNRWv:wuawj4G33jFwHLkiItdx1k1ZpIicQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/pmRuler.exe

Files

fb8bd517e3db8c92f2b4a8480a2a6f13_JaffaCakes118
.rar
pmRuler.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.RIF1
Size: 334KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF2
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF3
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF4
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF5
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF6
Size: 15B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF7
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rc!
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF9
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RIF:
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rc!
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.RIF1 Size: 334KB - Virtual size: 336KB

.RIF2 Size: 4KB - Virtual size: 8KB

.RIF3 Size: - Virtual size: 4KB

.RIF4 Size: 8KB - Virtual size: 12KB

.RIF5 Size: - Virtual size: 4KB

.RIF6 Size: 15B - Virtual size: 4KB

.RIF7 Size: - Virtual size: 24KB

.!rc! Size: - Virtual size: 32KB

.RIF9 Size: 6KB - Virtual size: 8KB

.RIF: Size: - Virtual size: 4KB

.!rc! Size: 31KB - Virtual size: 32KB

.rsrc Size: 31KB - Virtual size: 32KB

.RIF1
Size: 334KB - Virtual size: 336KB

.RIF2
Size: 4KB - Virtual size: 8KB

.RIF3
Size: - Virtual size: 4KB

.RIF4
Size: 8KB - Virtual size: 12KB

.RIF5
Size: - Virtual size: 4KB

.RIF6
Size: 15B - Virtual size: 4KB

.RIF7
Size: - Virtual size: 24KB

.!rc!
Size: - Virtual size: 32KB

.RIF9
Size: 6KB - Virtual size: 8KB

.RIF:
Size: - Virtual size: 4KB

.!rc!
Size: 31KB - Virtual size: 32KB

.rsrc
Size: 31KB - Virtual size: 32KB