feeec3cc112f73546d97b15a1c40eb7d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

feeec3cc112f73546d97b15a1c40eb7d_JaffaCakes118
Size

542KB
MD5

feeec3cc112f73546d97b15a1c40eb7d
SHA1

6cfdd791f28edebc2e4dfa3a58fbfa25d10b66de
SHA256

7a4e79345b1d4204b49fdaee7c1c6fd3d6d9c16a72ef60acd2d3197a4c02c1fa
SHA512

1d9ab0a344f15c6119a63d5c6869dfba105dd4f339c0ea59dd0b3a2c7592d5f07220a81a4251084b7c87879898ae73c1679700e98677d01c17dd4ee9a7a16106
SSDEEP

12288:RM8eCosZnslyiw4pXm5ftOBnFF88syuAO:68eBJXqInahAO

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NetBus.exe
unpack001/Patch.exe

Files

feeec3cc112f73546d97b15a1c40eb7d_JaffaCakes118
.zip
Hosts.txt
NetBus.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 411KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NetBus.rtf
.rtf
Patch.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
uhanfo.exe

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 411KB - Virtual size: 410KB

DATA Size: 6KB - Virtual size: 5KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 26KB - Virtual size: 25KB

.rsrc Size: 132KB - Virtual size: 132KB

Headers

File Characteristics

Sections

CODE Size: 357KB - Virtual size: 356KB

DATA Size: 6KB - Virtual size: 5KB

BSS Size: - Virtual size: 2KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 20KB - Virtual size: 20KB

.rsrc Size: 88KB - Virtual size: 88KB

CODE
Size: 411KB - Virtual size: 410KB

DATA
Size: 6KB - Virtual size: 5KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 132KB - Virtual size: 132KB

CODE
Size: 357KB - Virtual size: 356KB

DATA
Size: 6KB - Virtual size: 5KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 88KB - Virtual size: 88KB