3912a500ca38242947cdec819d890179_JaffaCakes118 | Triage

Sharing

General

Target

3912a500ca38242947cdec819d890179_JaffaCakes118
Size

201KB
MD5

3912a500ca38242947cdec819d890179
SHA1

accb634c335dd52a06dc11b0d6cb8a0b7cefe33a
SHA256

c94007fa3ff3c472cc4eaaee9402c021f33cf6294bee917674a43f1b80acffcb
SHA512

e273af2153b5ca8fb2a70b220ceb820dc6174a644174ea892cfb07023da9aaaa971a53c9c562cdadfe1bd65180a88dedd3a415928778341f25d55733fd6eff5e
SSDEEP

6144:lbHbYcnTG2m5uKgWQaDoRABLK2bTjx9y1w:lLEcDm5dLDQABLdjx95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WinRAR.v3.90.Keyfile.Maker.Only-FFF/Keygen.exe

Files

3912a500ca38242947cdec819d890179_JaffaCakes118
.zip
WinRAR.v3.90.Keyfile.Maker.Only-FFF/Keygen.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 190KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
WinRAR.v3.90.Keyfile.Maker.Only-FFF/fff.nfo
WinRAR.v3.90.Keyfile.Maker.Only-FFF/file_id.diz
keygen.nfo