01d4387236f1087f7255386cc0a4fb30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01d4387236f1087f7255386cc0a4fb30_JaffaCakes118
Size

8.4MB
MD5

01d4387236f1087f7255386cc0a4fb30
SHA1

77b0a22d9d61725927e257725dcad0f0d839ebe6
SHA256

e94f4ee58137e5edc3d9babf5816855f7c389a91f73c5e5d3eb42a17768aa3b4
SHA512

e9004fd4a55cde28f1a3ca77dae55bb2d82b72f117fafc8914da25bf76f1db37c35f7deb42d1cd7262c182e2fbe690ea1a41d23beec9b058a4cc8d3da99eaef1
SSDEEP

196608:YF35Ik0W8AvzS3/vNeuOi7gZCz+/j/yjCkSXZZE8A:cB93vmvvNhOi7gkz0kSpC8A

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Crack/ScreenCapturix.exe
unpack001/Crack/cmc.exe
unpack001/Crack/vcap2k7.exe
unpack001/Crack/vcms.exe

Files

01d4387236f1087f7255386cc0a4fb30_JaffaCakes118
.rar
Crack/ScreenCapturix.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 207KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Crack/cmc.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 81KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 266KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Crack/vcap2k7.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 806KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 307KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Crack/vcms.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 110KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vcap.exe
.exe windows:1 windows x86 arch:x86

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

40:92:13:42:19:e7:77:30:4f:84:d9:91:3e:84:33:a8
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

21/07/2006, 00:00

Not After

21/07/2007, 23:59

Subject

CN=CAPTURIX - Sistemas e Produtos Informaticos\, S. Unipessoal Lda,O=CAPTURIX - Sistemas e Produtos Informaticos\, S. Unipessoal Lda,POSTALCODE=2801-613 ALMADA,STREET=APARTADO 700,L=ALMADA,ST=PT,C=PT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e0:11:d4:83:02:bf:8b:17:1e:c4:da:96:ac:08:24:e8:56:3b:0d:82
Signer

Actual PE Digest

e0:11:d4:83:02:bf:8b:17:1e:c4:da:96:ac:08:24:e8:56:3b:0d:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 207KB - Virtual size: 392KB

Size: 512B - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

.data Size: 275KB - Virtual size: 276KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

Size: 81KB - Virtual size: 188KB

Size: 512B - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

.data Size: 266KB - Virtual size: 268KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

Size: 806KB - Virtual size: 1.9MB

Size: 512B - Virtual size: 60KB

.rsrc Size: 512B - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

.data Size: 307KB - Virtual size: 308KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

Size: 110KB - Virtual size: 236KB

Size: 512B - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

.data Size: 271KB - Virtual size: 272KB

.adata Size: - Virtual size: 4KB

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

40:92:13:42:19:e7:77:30:4f:84:d9:91:3e:84:33:a8Certificate

Extended Key Usages

Key Usages

e0:11:d4:83:02:bf:8b:17:1e:c4:da:96:ac:08:24:e8:56:3b:0d:82Signer

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 35KB

DATA Size: 1024B - Virtual size: 584B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 8KB

.data
Size: 275KB - Virtual size: 276KB

.adata
Size: - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 8KB

.data
Size: 266KB - Virtual size: 268KB

.adata
Size: - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 8KB

.data
Size: 307KB - Virtual size: 308KB

.adata
Size: - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 8KB

.data
Size: 271KB - Virtual size: 272KB

.adata
Size: - Virtual size: 4KB

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

40:92:13:42:19:e7:77:30:4f:84:d9:91:3e:84:33:a8
Certificate

e0:11:d4:83:02:bf:8b:17:1e:c4:da:96:ac:08:24:e8:56:3b:0d:82
Signer

CODE
Size: 36KB - Virtual size: 35KB

DATA
Size: 1024B - Virtual size: 584B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB