ab41ee46cbe071b89721fc61e311fe30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab41ee46cbe071b89721fc61e311fe30_JaffaCakes118
Size

7.8MB
MD5

ab41ee46cbe071b89721fc61e311fe30
SHA1

187c070a977a0600649c19d136a3fedf456c6714
SHA256

4a287d749dfdf9fefd39a1a07f3dba9a330133f15751ad1b3adb3d89a921ad09
SHA512

09dd66844e15496367317e253cb3abbbc1d04de3b3cc96f11fa81d2b3535ec4485d652210db8a7ad7244a0f6029dc3682f75a49cc2bcd5cd1679ef8972a4d212
SSDEEP

196608:CPOJdwjGjvpSERYpWhV+607CdulhHs2chFj6jf:CPGZjv3RY42Cduv528r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PDF Encryptor V10.0/PDFEncryptor V10.0.exe

Files

ab41ee46cbe071b89721fc61e311fe30_JaffaCakes118
.rar
PDF Encryptor V10.0/PDFEncryptor V10.0.exe
.exe windows:5 windows x86 arch:x86

88497e730078c16d1e12de667e4ab232

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

VariantCopy

advapi32

RegQueryValueExA

user32

OffsetRect

kernel32

GetVersion
GetVersionExA
LoadLibraryExA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

GetEnhMetaFileHeader

version

GetFileVersionInfoSizeA

ole32

CoTaskMemFree

comctl32

ImageList_Draw

shell32

ShellExecuteA

comdlg32

GetOpenFileNameA

Sections

.text
Size: - Virtual size: 549KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 52B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PDF Encryptor V10.0/PDF加密器操作视频演示.wmv
PDF Encryptor V10.0/加密文件和创建阅读密码操作说明.txt

Sharing

General

Malware Config

Signatures

Files

88497e730078c16d1e12de667e4ab232

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

ole32

comctl32

shell32

comdlg32

Sections

.text Size: - Virtual size: 549KB

.itext Size: - Virtual size: 2KB

.data Size: - Virtual size: 9KB

.bss Size: - Virtual size: 19KB

.idata Size: - Virtual size: 11KB

.tls Size: - Virtual size: 52B

.rdata Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 6.5MB

.vmp1 Size: 7.1MB - Virtual size: 7.1MB

.reloc Size: 512B - Virtual size: 196B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: - Virtual size: 549KB

.itext
Size: - Virtual size: 2KB

.data
Size: - Virtual size: 9KB

.bss
Size: - Virtual size: 19KB

.idata
Size: - Virtual size: 11KB

.tls
Size: - Virtual size: 52B

.rdata
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 6.5MB

.vmp1
Size: 7.1MB - Virtual size: 7.1MB

.reloc
Size: 512B - Virtual size: 196B

.rsrc
Size: 4KB - Virtual size: 3KB