3656a2a406ad4da8d287633f693acba6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3656a2a406ad4da8d287633f693acba6_JaffaCakes118
Size

6.2MB
MD5

3656a2a406ad4da8d287633f693acba6
SHA1

b90ed4f525e1d27596bd2ca1adb0d9b6364f3c29
SHA256

e7444406a6efc1b64dfe0246a03694e0c6ece62a1ce977e388ee2db2f3e5a604
SHA512

bbfe6b533a92c0219a772d7b2541666c727ddffad9e2f87d79d7c42b42d4b5f154232a059c418c1c7cde929d3dd2a7cff9104ac666438f0df1638378c42c31a8
SSDEEP

98304:/lVT/dKk4iYrOMnlCAfRJhDk3KkVxwSRQS/ZNof/oonRBmW4Y1c21xLneXl:8k4vn8uhDk3pafn/f/nO

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/summerGHOST/GhostSrv.exe
unpack001/summerGHOST/RenIP.exe
unpack001/summerGHOST/TestIP.exe

Files

3656a2a406ad4da8d287633f693acba6_JaffaCakes118
.rar
summerGHOST/GhostSrv.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.textbss
Size: - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 585KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 882B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
summerGHOST/MAXDOS.PXE
summerGHOST/MaxDOS71.sys
.vbs
summerGHOST/RenIP.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.textbss
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 591KB - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 836B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TLS
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
summerGHOST/TestIP.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.textbss
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TLS
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
summerGHOST/使用说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.textbss Size: - Virtual size: 628KB

.text Size: 3KB - Virtual size: 4KB

.data Size: 585KB - Virtual size: 588KB

.idata Size: 882B - Virtual size: 4KB

.rsrc Size: 36KB - Virtual size: 36KB

Headers

File Characteristics

Sections

.textbss Size: - Virtual size: 612KB

.text Size: 3KB - Virtual size: 4KB

.data Size: 591KB - Virtual size: 592KB

.idata Size: 836B - Virtual size: 4KB

.TLS Size: 24B - Virtual size: 4KB

.rsrc Size: 99KB - Virtual size: 100KB

.reloc Size: 28B - Virtual size: 4KB

Headers

File Characteristics

Sections

.textbss Size: - Virtual size: 1.8MB

.text Size: 3KB - Virtual size: 4KB

.data Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 1KB - Virtual size: 4KB

.TLS Size: 24B - Virtual size: 4KB

.rsrc Size: 102KB - Virtual size: 104KB

.reloc Size: 28B - Virtual size: 4KB

.textbss
Size: - Virtual size: 628KB

.text
Size: 3KB - Virtual size: 4KB

.data
Size: 585KB - Virtual size: 588KB

.idata
Size: 882B - Virtual size: 4KB

.rsrc
Size: 36KB - Virtual size: 36KB

.textbss
Size: - Virtual size: 612KB

.text
Size: 3KB - Virtual size: 4KB

.data
Size: 591KB - Virtual size: 592KB

.idata
Size: 836B - Virtual size: 4KB

.TLS
Size: 24B - Virtual size: 4KB

.rsrc
Size: 99KB - Virtual size: 100KB

.reloc
Size: 28B - Virtual size: 4KB

.textbss
Size: - Virtual size: 1.8MB

.text
Size: 3KB - Virtual size: 4KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 1KB - Virtual size: 4KB

.TLS
Size: 24B - Virtual size: 4KB

.rsrc
Size: 102KB - Virtual size: 104KB

.reloc
Size: 28B - Virtual size: 4KB