9213c8e06e56f555693c2f8f73d32269_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9213c8e06e56f555693c2f8f73d32269_JaffaCakes118
Size

77KB
MD5

9213c8e06e56f555693c2f8f73d32269
SHA1

32dcaf4e2f19c9d50d928e5a439d57234c82849b
SHA256

622e839f3a1b0f2d3487e1cca586409a6ab9766fe13876f2b5e6e5c99d94be7c
SHA512

3a1f67a23ff69b19abf00103fea15731e148c481c132ae715fc671fb048467e6ef017a911ddf3eeafc977827f90a638b8681ee1b42e105934498185bb72106cd
SSDEEP

1536:85NKUeaVoNHs/ZYSmSl9fST1J3tK70R8W6e7cgdmRmVoAzVLS5/8kHTQ4vQ:85kUXVqsnmS/SRlpAamRuVSUQQ4vQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Droppix.Recorder.2.5.1.Inc.ISO.PowerPack_CRK-FFF/droppix.recorder.2.5.1.inc.iso.powerpack-patch.exe

Files

9213c8e06e56f555693c2f8f73d32269_JaffaCakes118
.zip
Droppix.Recorder.2.5.1.Inc.ISO.PowerPack_CRK-FFF/FFF.NFO
Droppix.Recorder.2.5.1.Inc.ISO.PowerPack_CRK-FFF/FILE_ID.DIZ
Droppix.Recorder.2.5.1.Inc.ISO.PowerPack_CRK-FFF/droppix.recorder.2.5.1.inc.iso.powerpack-patch.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 66KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
keygen.nfo