341fee098a008b1503f830044598c016_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

341fee098a008b1503f830044598c016_JaffaCakes118
Size

3.9MB
MD5

341fee098a008b1503f830044598c016
SHA1

75e7ed4dc7bc1d69d2bcfce943020f3d0940336b
SHA256

2efc3cb5016e2ec3bbfdb190b5db20e7588c83da17c02f443500f57a851e3e25
SHA512

89730fa80dc98b1f88b7a0e7a248d0706ee40d9c14fbf8e3dbe9e4a9517aa37def56c7b1b48eec2fc7eabf9d0df8b67bf77054c6766eccf5b1c7b2348566113d
SSDEEP

98304:EMlDYXcMpLePIGpDtEpMxfeCAAP/jtjs1Vyvn3cIAtwzO:EBXcaVGTKMoAnpjsO/3RbS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RemoveIT Pro v4 - SE/removeit.exe

Files

341fee098a008b1503f830044598c016_JaffaCakes118
.rar
RemoveIT Pro v4 - SE/Languages/Deutsch (Experimental).vlng
RemoveIT Pro v4 - SE/Languages/Espanol (Experimental).vlng
RemoveIT Pro v4 - SE/Languages/French (Experimental).vlng
RemoveIT Pro v4 - SE/Languages/Hrvatski.vlng
RemoveIT Pro v4 - SE/Languages/Italian (Experimental).vlng
RemoveIT Pro v4 - SE/Languages/Portuguese (Experimental).vlng
RemoveIT Pro v4 - SE/LicenseAgreement.txt
RemoveIT Pro v4 - SE/Readme.txt
RemoveIT Pro v4 - SE/RegBase.rgk
RemoveIT Pro v4 - SE/files.dat
RemoveIT Pro v4 - SE/removeit.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 920KB - Virtual size: 919KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 463KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 920KB - Virtual size: 919KB

DATA Size: 108KB - Virtual size: 107KB

BSS Size: - Virtual size: 6KB

.idata Size: 11KB - Virtual size: 11KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 55KB - Virtual size: 55KB

.rsrc Size: 463KB - Virtual size: 463KB

CODE
Size: 920KB - Virtual size: 919KB

DATA
Size: 108KB - Virtual size: 107KB

BSS
Size: - Virtual size: 6KB

.idata
Size: 11KB - Virtual size: 11KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 55KB - Virtual size: 55KB

.rsrc
Size: 463KB - Virtual size: 463KB