5b3d7ec4074dd4cd572963033dd6eef3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5b3d7ec4074dd4cd572963033dd6eef3_JaffaCakes118
Size

1.3MB
MD5

5b3d7ec4074dd4cd572963033dd6eef3
SHA1

587054783a02031ee8234bc18c85ace90aad4197
SHA256

f01b837060fd6f3eb15ee471936ff718f9ab1b755c2ad289c715308e0891fb89
SHA512

ec95327e29374ee307f5c329c8fcdd1779e93d335192a9a26bf043cf6e2ec32753cadd32f7f8c6dd1a7d23332feacaa32dcd2515dc16caf5ba72368f173f5baf
SSDEEP

24576:p27tWEv4wbnZDzyQQFcl0xhdiS/wdQg3iQ/l54T1TuvUOzJ1RKOghBT:Y34wd3sci1zUQg3Db4T1TxQHRKO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Keygen/maze-keygen.exe
unpack001/RAM_Saver_Pro_11.4/ramsaverpro.exe

Files

5b3d7ec4074dd4cd572963033dd6eef3_JaffaCakes118
.rar
RAM_Saver_Pro_11.4/Serial_Keygen/Keygen_Maze.rar
.rar
Keygen/file_id.diz
Keygen/maze-keygen.exe
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

MAZE
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MAZE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MAZE
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MAZE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Keygen/maze.nfo
RAM_Saver_Pro_11.4/Serial_Keygen/serial.txt
RAM_Saver_Pro_11.4/file_id.diz
RAM_Saver_Pro_11.4/license.txt
RAM_Saver_Pro_11.4/ramsaverpro.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RAM_Saver_Pro_11.4/ramsaverpro.xml
.xml
RAM_Saver_Pro_11.4/readme.txt

Sharing

General

Malware Config

Signatures

Files

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

MAZE Size: 7KB - Virtual size: 12KB

MAZE Size: 512B - Virtual size: 4KB

MAZE Size: 512B - Virtual size: 76KB

.rsrc Size: 25KB - Virtual size: 56KB

MAZE Size: 21KB - Virtual size: 21KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 37KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 588B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 21KB - Virtual size: 20KB

MAZE
Size: 7KB - Virtual size: 12KB

MAZE
Size: 512B - Virtual size: 4KB

MAZE
Size: 512B - Virtual size: 76KB

.rsrc
Size: 25KB - Virtual size: 56KB

MAZE
Size: 21KB - Virtual size: 21KB

CODE
Size: 37KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 588B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 21KB - Virtual size: 20KB