34b8763b769d5d3b32ac8acc09c2f9af_JaffaCakes118

General

Target

34b8763b769d5d3b32ac8acc09c2f9af_JaffaCakes118
Size

260KB
MD5

34b8763b769d5d3b32ac8acc09c2f9af
SHA1

a6b6e5d62fd4c8f1d38399947cddd66ae1da49fe
SHA256

4b814dbaa71c67d5597379dd335d11a25ea99897fb17b6a6c6bff6e7caa6aea3
SHA512

692fe0c058fa1db86649267d6e13d9e22b82dfafb425adafa87de3a40776ecd685e7c5582b5e9f24c0fb296f3ada7c4c0b2416f1f59676f9c71d6b3deb7ac161
SSDEEP

6144:/ZAQEfmwUSASoruFErZuyVaHCK5xay8cPxqBCMAK:/ZAZWV1iGrtVaHhuy8Om3AK

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/batch_icon_converter/ADS.Framework.dll
unpack001/batch_icon_converter/BatchConverter.exe

Files

34b8763b769d5d3b32ac8acc09c2f9af_JaffaCakes118
.rar
batch_icon_converter/ADS.Framework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Documents and Settings\Andrew\my documents\visual studio 2010\Projects\ADS.Framework\ADS.Framework\obj\Debug\ADS.Framework.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
batch_icon_converter/BatchConverter.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Andrew\my documents\visual studio 2010\Projects\Batch Image Converter\Batch Image Converter\obj\x86\Debug\BatchConverter.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 203B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 258KB - Virtual size: 258KB

.sdata Size: 512B - Virtual size: 182B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 268KB - Virtual size: 267KB

.sdata Size: 512B - Virtual size: 203B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 258KB - Virtual size: 258KB

.sdata
Size: 512B - Virtual size: 182B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 268KB - Virtual size: 267KB

.sdata
Size: 512B - Virtual size: 203B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B