a94f58d5f3899afb1b0b9ad2264f78ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a94f58d5f3899afb1b0b9ad2264f78ef_JaffaCakes118
Size

1.0MB
MD5

a94f58d5f3899afb1b0b9ad2264f78ef
SHA1

31304c1b4e1a924d0d7440230ef60d08d07f4752
SHA256

456367cc6f029d06251bfaff0671a5f6c91b4240b927ebf9e4288079458f74f3
SHA512

ce0f52bed769aeb820f17105f50a25fb7d349995bcf59c0333f783094206ac7ead717c73e3f5b095fac1ff6889877b659f79ab4ea1c678efe5c66c0ab5db81b6
SSDEEP

24576:SAwH68vsXsxj1i5O+W24vLwQHo9VdfaTY/rLNjBz/0VB73uIjsQhxnfXD:SAwaSksB1i57W+QHejzLNMB7eIjsQ7fz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DongleManager.exe

Files

a94f58d5f3899afb1b0b9ad2264f78ef_JaffaCakes118
.rar
DongleManager.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 297KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vmoxdtpn
Size: 731KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

evjypssk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FSCard.ini
Languages/1.English.ini
release.txt
version.txt