08b7b408e3e19eb2f6ab129ca2c297d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08b7b408e3e19eb2f6ab129ca2c297d9_JaffaCakes118
Size

17.6MB
MD5

08b7b408e3e19eb2f6ab129ca2c297d9
SHA1

70d36fc27558ebf15f2f1cfe61fcd29d8dbb7535
SHA256

84a599ac0aa8e76afd919f3b3866d12910a0bf88532d68ff433c69bc06c46d8c
SHA512

b75e81316af2a61f109bf7308929ceee4082913c577ae09844bf5ecbee2fc2433d5d670d260d4d426bad1f1268750e54a327b3dc60070de9e5a9d9a396c0791d
SSDEEP

393216:dQxTxbmKeHwANy/JVn9P7rVXZlAG1OpW8gFbgzmQLkYYYEZu7CeUtQOMLPDu8AEC:kEQAqB7rVTOpj+szV0nuBOYPDu8AxwVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/TDU2.dll
unpack002/TestDrive2.exe

Files

08b7b408e3e19eb2f6ab129ca2c297d9_JaffaCakes118
.zip
NoDVD_(Offline-igra_bez_registratsii).rar
.rar
TDU2.dll
.dll windows:4 windows x86 arch:x86

cf3afa13cb4a38c3741b9573d5da93b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar

Exports

Exports

___CPPdebugHook

Sections

Size: 67KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bkicqkvg
Size: 562KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hkoxxviu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TestDrive2.exe
.exe windows:4 windows x86 arch:x86

815e1ba56e855b07daa7197697b159cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA

Sections

Size: 201KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16.5MB - Virtual size: 18.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lefzqahl
Size: 619KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jlbthvyi
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
key.txt
Инструкция.txt
�� ᪠砭 � ᠩ�� PlayGround.ru.url
.url

Sharing

General

Malware Config

Signatures

Files

cf3afa13cb4a38c3741b9573d5da93b6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

Size: 67KB - Virtual size: 168KB

.rsrc Size: 2KB - Virtual size: 8KB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 748KB

bkicqkvg Size: 562KB - Virtual size: 564KB

hkoxxviu Size: 512B - Virtual size: 4KB

815e1ba56e855b07daa7197697b159cd

Headers

File Characteristics

Imports

kernel32

Sections

Size: 201KB - Virtual size: 448KB

.rsrc Size: 16.5MB - Virtual size: 18.4MB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 812KB

lefzqahl Size: 619KB - Virtual size: 620KB

jlbthvyi Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

bkicqkvg
Size: 562KB - Virtual size: 564KB

hkoxxviu
Size: 512B - Virtual size: 4KB

.rsrc
Size: 16.5MB - Virtual size: 18.4MB

.idata
Size: 512B - Virtual size: 4KB

lefzqahl
Size: 619KB - Virtual size: 620KB

jlbthvyi
Size: 512B - Virtual size: 4KB