33199d71fccf0e3e92973bbbdec29876_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33199d71fccf0e3e92973bbbdec29876_JaffaCakes118
Size

764KB
MD5

33199d71fccf0e3e92973bbbdec29876
SHA1

e24a80616405c1d6cfaf74e722b7663db4d4301b
SHA256

ecd37e3f84887c2d322439aa9c03d343a07fc7c01d09fc9612574f7bf5695185
SHA512

95dc1084f6fa58298d4dfb596155a2e55da411499db99e0b67e4cb3ee9eec3dc9034cc74d673eb10668810178918b3dd80e86c9c5bce8e122b507db16aa708ba
SSDEEP

12288:UN8p4IM696FnMviHjQZb7be5g9oS3bLei/mGtZkjzGX34dwiwoXvkmKlgeX5C+Yp:UeyU96FnMkQZb0gKS3ui/m41R3fZ3pCN

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Keymaker/keygen.exe
unpack001/batch-image-resizer.exe

Files

33199d71fccf0e3e92973bbbdec29876_JaffaCakes118
.rar
Keymaker/keygen.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

KERNEL
Size: 4KB - Virtual size: 1090.9MB

Size: 400KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
batch-image-resizer.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
安装说明.url
.url