17ff36c911254044e37cfe16b1a6d75e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17ff36c911254044e37cfe16b1a6d75e_JaffaCakes118
Size

2.6MB
MD5

17ff36c911254044e37cfe16b1a6d75e
SHA1

8e925da7b54fe3640d71ed40f1b2423fb6666d3f
SHA256

b89b5353eb20020218e7cfb53e99a4d154a7ecb15e90c3622f22d842b86246cd
SHA512

a3fbf68fd83a841bcd35ffc30016c06721c44dfacc6253fb9e685576325050200c3b337d2b0b008b6800cc482b3078f9e9ce0e25e7176075c8e60df7b02bb446
SSDEEP

49152:DAzJtgpuquZklXcGAIfY1v7JqBgAYUoQqeB1OZuFBKjAhoSByA9ndOo7z/5eJ1p:DSsOk93Y91XQqk1OYKjIoklnV/wP

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/immortal.dll
unpack001/immortal.exe

Files

17ff36c911254044e37cfe16b1a6d75e_JaffaCakes118
.zip
1.wav
README-IMPORTANT.txt
ignoreobjects.lst
immortal.dll
.dll windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 404KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dgkqutck
Size: 945KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ogeovxdl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
immortal.exe
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 73KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kieuhcjx
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zjobmgzf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
immortal.ini

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 404KB - Virtual size: 896KB

.rsrc Size: 512B - Virtual size: 436B

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 1.3MB

dgkqutck Size: 945KB - Virtual size: 948KB

ogeovxdl Size: 512B - Virtual size: 4KB

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 73KB - Virtual size: 156KB

.rsrc Size: 512B - Virtual size: 996B

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 1.4MB

kieuhcjx Size: 1.1MB - Virtual size: 1.1MB

zjobmgzf Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 436B

.idata
Size: 512B - Virtual size: 4KB

dgkqutck
Size: 945KB - Virtual size: 948KB

ogeovxdl
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 996B

.idata
Size: 512B - Virtual size: 4KB

kieuhcjx
Size: 1.1MB - Virtual size: 1.1MB

zjobmgzf
Size: 512B - Virtual size: 4KB