4c8784531cc2d55c9bca10f5fc2de065_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c8784531cc2d55c9bca10f5fc2de065_JaffaCakes118
Size

2.7MB
MD5

4c8784531cc2d55c9bca10f5fc2de065
SHA1

497448c14dd907eb69a48dbbd1467ab0004d8685
SHA256

9b9f93c5e16efaf1a979f723bc7088c334b7aac838e1a8af46c315b15395c681
SHA512

d37a999837c4364581708d811a91f63f4353ca32558c226da88fb903e530d1923937989745af41eb4ecbcbbd5d2cf81e42deb98e7e1364c5b1c298d547f2b1b2
SSDEEP

49152:cmuBREYLkV3Zki7VnJVOnQ1eczH95U+peICHFOI/bNH/zW1ZZt6ZEGo:cmsREYQEi7VnJc6ecD95UvFOCd/C1Zr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/uninstall.exe
unpack001/wfde.exe
unpack001/wordfind.dll
unpack001/wordfindb.dll
unpack001/wordfinde.exe

Files

4c8784531cc2d55c9bca10f5fc2de065_JaffaCakes118
.zip
ies.tml
uninstall.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 950KB - Virtual size: 949KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 494KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wfde.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 729KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wordfind.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wordfindb.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 678KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wordfinde.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 950KB - Virtual size: 949KB

DATA Size: 17KB - Virtual size: 17KB

BSS Size: - Virtual size: 8KB

.idata Size: 11KB - Virtual size: 11KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 75KB - Virtual size: 75KB

.rsrc Size: 494KB - Virtual size: 494KB

Headers

File Characteristics

Sections

CODE Size: 729KB - Virtual size: 728KB

DATA Size: 15KB - Virtual size: 15KB

BSS Size: - Virtual size: 5KB

.idata Size: 10KB - Virtual size: 10KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 53KB - Virtual size: 53KB

.rsrc Size: 112KB - Virtual size: 112KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 1.2MB - Virtual size: 1.2MB

DATA Size: 21KB - Virtual size: 21KB

BSS Size: - Virtual size: 5KB

.idata Size: 11KB - Virtual size: 10KB

.edata Size: 512B - Virtual size: 163B

.reloc Size: 92KB - Virtual size: 91KB

.rsrc Size: 163KB - Virtual size: 163KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 678KB - Virtual size: 678KB

DATA Size: 15KB - Virtual size: 14KB

BSS Size: - Virtual size: 6KB

.idata Size: 10KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 170B

.reloc Size: 49KB - Virtual size: 48KB

.rsrc Size: 158KB - Virtual size: 158KB

Headers

File Characteristics

Sections

CODE Size: 804KB - Virtual size: 804KB

DATA Size: 19KB - Virtual size: 19KB

BSS Size: - Virtual size: 5KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 64KB - Virtual size: 64KB

.rsrc Size: 310KB - Virtual size: 310KB

CODE
Size: 950KB - Virtual size: 949KB

DATA
Size: 17KB - Virtual size: 17KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 11KB - Virtual size: 11KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 494KB - Virtual size: 494KB

CODE
Size: 729KB - Virtual size: 728KB

DATA
Size: 15KB - Virtual size: 15KB

BSS
Size: - Virtual size: 5KB

.idata
Size: 10KB - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 53KB - Virtual size: 53KB

.rsrc
Size: 112KB - Virtual size: 112KB

CODE
Size: 1.2MB - Virtual size: 1.2MB

DATA
Size: 21KB - Virtual size: 21KB

BSS
Size: - Virtual size: 5KB

.idata
Size: 11KB - Virtual size: 10KB

.edata
Size: 512B - Virtual size: 163B

.reloc
Size: 92KB - Virtual size: 91KB

.rsrc
Size: 163KB - Virtual size: 163KB

CODE
Size: 678KB - Virtual size: 678KB

DATA
Size: 15KB - Virtual size: 14KB

BSS
Size: - Virtual size: 6KB

.idata
Size: 10KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 170B

.reloc
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 158KB - Virtual size: 158KB

CODE
Size: 804KB - Virtual size: 804KB

DATA
Size: 19KB - Virtual size: 19KB

BSS
Size: - Virtual size: 5KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 310KB - Virtual size: 310KB