4dff6b3a506f0c1c9ec8b102c8b3254c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4dff6b3a506f0c1c9ec8b102c8b3254c_JaffaCakes118
Size

900KB
MD5

4dff6b3a506f0c1c9ec8b102c8b3254c
SHA1

e31cb1df5e96e2f59af91f064ee1ee4f1e7c1706
SHA256

d756d1c3b3c8e91a3a979c9609facdff7ca6b0c28f7897fb0a963cbab10e621c
SHA512

50eb9f59122849651af3a485b8527d55a934a8566ca7e36a7d24ce1ffc04b5cb279e195937be35fb5ace1833065b28d5d807dfc4f7614aae818907ab484cd94c
SSDEEP

12288:XTcU6jxYyt7GyWl/tJKHqpnftURMZMpZAkAOoYdCdhNdUB7NFlRpBomFb8E6IGRh:jTJ0WlV8HUmRMZsANWCqjF/FAXtK3ww8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/u1003.exe

Files

4dff6b3a506f0c1c9ec8b102c8b3254c_JaffaCakes118
.rar
u1003.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

_EXECryptor_GetHardwareID@0
_EXECryptor_IsAppProtected@0

Sections

Size: 316KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nitayopu
Size: 576KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bvnymova
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wjbutton_en.xpi
.zip
CREDITS
LICENSE
chrome.manifest
chrome/wj.jar
.zip
content/about.xul
.xml
content/contents.rdf
content/popup.xul
.xml
content/preferences.js
.js
content/preferences.xul
.xml
content/wj.js
.js
content/wj.xul
.js .xml polyglot
content/wj_tb.xul
.js .xml polyglot
locale/en-US/contents.rdf
.xml
locale/en-US/wj.dtd
locale/en-US/wj.properties
locale/zh-CN/contents.rdf
.xml
locale/zh-CN/wj.dtd
locale/zh-CN/wj.properties
skin/Thumbs.db
skin/contents.rdf
.xml
skin/wj-16-red.png
.png
skin/wj-16.png
.png
skin/wj-24-red.png
.png
skin/wj-24.png
.png
skin/wj.css
skin/wj.png
.png
defaults/preferences/preferences.js
install.rdf

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

Imports

kernel32

comctl32

Exports

Exports

Sections

Size: 316KB - Virtual size: 4.4MB

.rsrc Size: 16KB - Virtual size: 50KB

.idata Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 720KB

nitayopu Size: 576KB - Virtual size: 576KB

bvnymova Size: 4KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 50KB

.idata
Size: 4KB - Virtual size: 4KB

nitayopu
Size: 576KB - Virtual size: 576KB

bvnymova
Size: 4KB - Virtual size: 4KB