5cef2df76844881f13460c109c38599f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cef2df76844881f13460c109c38599f_JaffaCakes118
Size

14.8MB
MD5

5cef2df76844881f13460c109c38599f
SHA1

58dbe734921dc0ff14e6ff5c685ff38fd0129dc5
SHA256

574b1e3a05adb8a2641e015ed24c268d8036d64c714f8c4470fa3606596f76d0
SHA512

afd25fd41bef8f7d4f37b348acac75d1a4936317dcd95faa1dd366a029f5e5e61562f01d41f4b42bdefe5b20f76e9788fa47bf50c3f0e9cd8a68dc1f025c4eef
SSDEEP

393216:ABtUwuAtbiECUhbqPbos9u8PCNMFAQ3ZYJwrI6au:ABmw9bCMbEb37YMFAmZYWrzZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/crack/keygen.exe
unpack001/setup.exe

Files

5cef2df76844881f13460c109c38599f_JaffaCakes118
.rar
crack/keygen.exe
.exe windows:4 windows x86 arch:x86

76b88f3a6dfd75d6720ace3fca8872fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextA
GetDlgItemTextA
EndDialog
DialogBoxParamA
wsprintfA

kernel32

ExitProcess
lstrlenA
RtlZeroMemory
GetTickCount
GetModuleHandleA

Sections

.text
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
crack/下载说明.htm
.html .js polyglot
crack/安装说明.txt
crack/非常世纪资源网.url
.url
setup.exe
.exe windows:4 windows x86 arch:x86

678986d7fe8eb1ebce8a0b924f59474d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
VirtualFree
lstrcpyA
ExitProcess
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
lstrlenA
VirtualAlloc
ReadFile
CreateFileA
GetModuleFileNameA
GetLastError
CreateMutexA

user32

SetCursor
LoadCursorA
wsprintfA
MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot
非常世纪资源网.url
.url

Sharing

General

Malware Config

Signatures

Files

76b88f3a6dfd75d6720ace3fca8872fe

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 1024B - Virtual size: 954B

.rdata Size: 512B - Virtual size: 338B

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 137KB - Virtual size: 136KB

678986d7fe8eb1ebce8a0b924f59474d

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 512B - Virtual size: 9KB

.idata Size: 1024B - Virtual size: 574B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 896B

.text
Size: 1024B - Virtual size: 954B

.rdata
Size: 512B - Virtual size: 338B

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 137KB - Virtual size: 136KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 512B - Virtual size: 9KB

.idata
Size: 1024B - Virtual size: 574B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 896B