fe1c494fd4cd303a9c750652b4d8c566_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe1c494fd4cd303a9c750652b4d8c566_JaffaCakes118
Size

58KB
MD5

fe1c494fd4cd303a9c750652b4d8c566
SHA1

e2617f1bb2877a54f2c9528f7117af1577af3fae
SHA256

45c9bf4a7f833260e18d5dfe6dc2b48ac4813c12f6c59bab20ece2bf63eb5f02
SHA512

6c740955d0d0c8bf2588c6883d3c994568baa599d3ede740748330008848a57f71e70eb6e8105b0211048f0e90b7ca673373854d24d228311818dbdd913d17a7
SSDEEP

1536:D5tgwF+MA0JS8kVxBnNG3fUa6Zlp343ieiaXSqq7M:QxAXkjRNkuZLoS/zg

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Lz0/ibfs32.dll
unpack001/Lz0/lz-edrawings12.exe
unpack001/Lz0/lz-solidworks12x32.exe
unpack001/Lz0/lz-swexplorer12x32.exe

Files

fe1c494fd4cd303a9c750652b4d8c566_JaffaCakes118
.rar
Lz0/edrwfix.reg
Lz0/ibfs32.dll
.dll windows:5 windows x86 arch:x86

71efa23396fa4cccfccec78927b5d78a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

GetUserNameA

msvcr90

_decode_pointer

version

GetFileVersionInfoSizeA

Sections

.text
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Lz0/install.txt
Lz0/lz-edrawings12.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 11KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Lz0/lz-solidworks12x32.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 11KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Lz0/lz-swexplorer12x32.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 11KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Lz0/lz0-sw2012.reg
Lz0/sw2012.lic

Sharing

General

Malware Config

Signatures

Files

71efa23396fa4cccfccec78927b5d78a

Headers

File Characteristics

Imports

kernel32

advapi32

msvcr90

version

Sections

.text Size: 10KB - Virtual size: 36KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 512B

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 11KB - Virtual size: 84KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 11KB - Virtual size: 84KB

.rsrc Size: 5KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 11KB - Virtual size: 84KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 10KB - Virtual size: 36KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 512B

.text
Size: 11KB - Virtual size: 84KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 11KB - Virtual size: 84KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 11KB - Virtual size: 84KB

.rsrc
Size: 5KB - Virtual size: 8KB