388815d56610435d411d5ba61dacb865_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

388815d56610435d411d5ba61dacb865_JaffaCakes118
Size

1.0MB
MD5

388815d56610435d411d5ba61dacb865
SHA1

0c34cd23a2b4a38ca5dbbc541c61b96c91e6367e
SHA256

ca4af95d1b43712929641773a4e4d5970a90a562eccec5bb7d2361a3b20b727e
SHA512

77d4402644cff881e686c10eaf667fae47dc6791382291ecbe607331d43dee74b57f895d4232be8dd3b5d596d5a362595b86f77abde0ee4588d97d42e2c94181
SSDEEP

24576:sILo4nTtCL4Xr3vsu3tpwc6B3ywyfZbLTBzxB7Pk59k0/PFfxGv32m:VLo4nTgL4X7suDwc6B3o/tr7MvNHFJGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/StockTD/StockTD.exe

Files

388815d56610435d411d5ba61dacb865_JaffaCakes118
.rar
StockTD/Data/hk_list.txt
StockTD/Data/hk_p_list.txt
StockTD/Data/sh_a_list.txt
StockTD/Data/sh_b_list.txt
StockTD/Data/sh_p_list.txt
StockTD/Data/sz_a_list.txt
StockTD/Data/sz_b_list.txt
StockTD/Data/sz_gem_list.txt
StockTD/Data/sz_p_list.txt
StockTD/Manual.chm
.chm
StockTD/README.TXT
StockTD/StockTD.exe
.exe windows:4 windows x86 arch:x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Sections

.text
Size: 506KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 64B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
StockTD/stocktd_st.ini

Sharing

General

Malware Config

Signatures

Files

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 506KB - Virtual size: 1.0MB

.itext Size: 2KB - Virtual size: 3KB

.data Size: 64KB - Virtual size: 63KB

.bss Size: - Virtual size: 19KB

.idata Size: 13KB - Virtual size: 12KB

.tls Size: - Virtual size: 64B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 68KB

.rsrc Size: 178KB - Virtual size: 428KB

.perplex Size: 103KB - Virtual size: 103KB

.text
Size: 506KB - Virtual size: 1.0MB

.itext
Size: 2KB - Virtual size: 3KB

.data
Size: 64KB - Virtual size: 63KB

.bss
Size: - Virtual size: 19KB

.idata
Size: 13KB - Virtual size: 12KB

.tls
Size: - Virtual size: 64B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 68KB

.rsrc
Size: 178KB - Virtual size: 428KB

.perplex
Size: 103KB - Virtual size: 103KB