33101cfe1b70fce38b465877e5159745_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33101cfe1b70fce38b465877e5159745_JaffaCakes118
Size

294KB
MD5

33101cfe1b70fce38b465877e5159745
SHA1

255b77d3d0bbe3fbaa2a094ddb342cb657e88553
SHA256

6d0385b2705068fdd1a7c571c1839d964e0073880fd1330669c505acdbc6a3e4
SHA512

2fb56f686a6590c2633cc5c894a6473b5a0aa9e3630e6be9c7d21252eba383754ec30220e59448910a1b3240705411e9fd5e754146d3c30277f2a3b56e02f6f1
SSDEEP

6144:BqN/Vje30PRmvagwIvw0vHIEU2T/npDAWwBLoCsQ66yDRavlfE:B0/VimWIoTlAbLufavlc

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/JPEG照片批量修改器/JPEG Resizer.exe
unpack001/JPEG照片批量修改器/resizer.ocx

Files

33101cfe1b70fce38b465877e5159745_JaffaCakes118
.rar
JPEG照片批量修改器/JPEG Resizer.exe
.exe windows:4 windows x86 arch:x86

84eec00bf8519a73a39a51932c021c88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaObjVar
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord716
__vbaFPException
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarSetVar
__vbaLateMemCall
_CIatan
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JPEG照片批量修改器/resizer.ocx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 573KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JPEG照片批量修改器/使用说明.txt
JPEG照片批量修改器/更多软件下载.url
JPEG照片批量修改器/系统之家.url

Sharing

General

Malware Config

Signatures

Files

84eec00bf8519a73a39a51932c021c88

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

Headers

File Characteristics

Sections

CODE Size: 573KB - Virtual size: 573KB

DATA Size: 8KB - Virtual size: 7KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 37KB - Virtual size: 37KB

.rsrc Size: 123KB - Virtual size: 123KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB

CODE
Size: 573KB - Virtual size: 573KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 37KB - Virtual size: 37KB

.rsrc
Size: 123KB - Virtual size: 123KB