2c4c31b9c36dbcfdb321c47f56b7604e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c4c31b9c36dbcfdb321c47f56b7604e_JaffaCakes118
Size

607KB
MD5

2c4c31b9c36dbcfdb321c47f56b7604e
SHA1

4c4ee30982f3a68228e402f7c87ea930f4361430
SHA256

7cd813bb4e5393248070d10d5fe1ef8c9191a7f99548701311b017c19f7af1d4
SHA512

4135d4885012996ac392a5a0bbac7f16c88bb9d4ce7dc8c684ff6550a0cfdcab4a31714352d5318d215929989196bbc3a2b6941f5102cb8a5f287443782c61ac
SSDEEP

12288:B3Z+Zd0JMOz9yn2AH1qnpzFSSfa3dtt02PE8T2X+F5i5gOAIqueo8F:BJ+T0JMOz9GdVEpBSSILPEzNgOfquF8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/驱动程序备份工具_3.0_绿色破解版_/DriverStore_cr.exe
unpack001/驱动程序备份工具_3.0_绿色破解版_/Plugin/Cookies.dll
unpack001/驱动程序备份工具_3.0_绿色破解版_/Plugin/IEFav.dll
unpack001/驱动程序备份工具_3.0_绿色破解版_/Plugin/MyDoc.dll
unpack001/驱动程序备份工具_3.0_绿色破解版_/Plugin/Regedit.dll

Files

2c4c31b9c36dbcfdb321c47f56b7604e_JaffaCakes118
.rar
驱动程序备份工具_3.0_绿色破解版_/DriverStore_cr.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 524KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
驱动程序备份工具_3.0_绿色破解版_/Plugin/Cookies.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

PluginAbout
PluginFormShow
PluginName

Sections

CODE
Size: 347KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
驱动程序备份工具_3.0_绿色破解版_/Plugin/IEFav.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

PluginAbout
PluginFormShow
PluginName

Sections

CODE
Size: 433KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
驱动程序备份工具_3.0_绿色破解版_/Plugin/MyDoc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

PluginAbout
PluginFormShow
PluginName

Sections

CODE
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
驱动程序备份工具_3.0_绿色破解版_/Plugin/Regedit.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

PluginAbout
PluginFormShow
PluginName

Sections

CODE
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
驱动程序备份工具_3.0_绿色破解版_/Readme.txt
驱动程序备份工具_3.0_绿色破解版_/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 524KB - Virtual size: 524KB

Size: 304KB - Virtual size: 304KB

Size: 12KB - Virtual size: 12KB

Size: 8KB - Virtual size: 8KB

.rsrc Size: 92KB - Virtual size: 92KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 347KB - Virtual size: 347KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 120B

.reloc Size: 25KB - Virtual size: 25KB

.rsrc Size: 25KB - Virtual size: 25KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 433KB - Virtual size: 432KB

DATA Size: 5KB - Virtual size: 5KB

BSS Size: - Virtual size: 2KB

.idata Size: 9KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 118B

.reloc Size: 31KB - Virtual size: 30KB

.rsrc Size: 40KB - Virtual size: 40KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 352KB - Virtual size: 352KB

DATA Size: 6KB - Virtual size: 5KB

BSS Size: - Virtual size: 4KB

.idata Size: 9KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 118B

.reloc Size: 26KB - Virtual size: 25KB

.rsrc Size: 31KB - Virtual size: 31KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 321KB - Virtual size: 321KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 120B

.reloc Size: 23KB - Virtual size: 23KB

.rsrc Size: 24KB - Virtual size: 24KB

.rsrc
Size: 92KB - Virtual size: 92KB

CODE
Size: 347KB - Virtual size: 347KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 120B

.reloc
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 25KB - Virtual size: 25KB

CODE
Size: 433KB - Virtual size: 432KB

DATA
Size: 5KB - Virtual size: 5KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 9KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 118B

.reloc
Size: 31KB - Virtual size: 30KB

.rsrc
Size: 40KB - Virtual size: 40KB

CODE
Size: 352KB - Virtual size: 352KB

DATA
Size: 6KB - Virtual size: 5KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 118B

.reloc
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 31KB - Virtual size: 31KB

CODE
Size: 321KB - Virtual size: 321KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 120B

.reloc
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 24KB - Virtual size: 24KB