5f3752fedb904091892e0e214b34880a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f3752fedb904091892e0e214b34880a_JaffaCakes118
Size

13.4MB
MD5

5f3752fedb904091892e0e214b34880a
SHA1

f72eeaa570c7ac6399b36d8d536a6694a8e156e8
SHA256

ee8424555244fdba6f254285ff1dea43fbc4dbd6cfa054fa64307882a29f4246
SHA512

c3bede6d44b39754fc6c440ea5e7d24314ef4b38b4b7fade2494b4eadda8e8d0f482b1023c5090c6a63786cc9f5e100c14c74bb03d9417d6c9ee8f650ab7ad7c
SSDEEP

393216:KysopIAaOfV8pFYg2cX98YZOJ3Dv9Ag2UR4E5M:KoaIi+g2cN8YMag2w4EO

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack007/TMSTOOLS.dll
unpack008/CEToolsDemo.exe

Files

5f3752fedb904091892e0e214b34880a_JaffaCakes118
.rar
750339388/TMS - CE Tools v1.3 D46 C46 src full.zip
.zip
CEToolsReg.zip
.zip
CEAPI.PAS
CETOOLSB4.HLP
CETOOLSB5.HLP
CETOOLSB6.HLP
CETOOLSD4.HLP
CETOOLSD5.HLP
CETOOLSD6.HLP
CETools.als
CETools.pas
.js
CEToolsPkgc4.bpk
CEToolsPkgc4.cpp
CEToolsPkgc4.res
CEToolsPkgc5.bpk
.xml
CEToolsPkgc5.cpp
CEToolsPkgc5.res
CEToolsPkgc6.bpk
.xml
CEToolsPkgc6.cpp
CEToolsPkgc6.res
CEToolsPkgd4.dpk
CEToolsPkgd4.res
CEToolsPkgd5.dpk
CEToolsPkgd5.res
CEToolsPkgd6.dpk
CEToolsPkgd6.res
CEToolsReg.dcr
CEToolsReg.pas
CEToolsb4.cnt
CEToolsb5.cnt
CEToolsb6.cnt
CEToolsd4.cnt
CEToolsd5.cnt
CEToolsd6.cnt
HELPERDLLARM.zip
.zip
TMSTOOLS.dll
HELPERDLLMIPS.zip
.zip
TMSTOOLS.dll
HELPERDLLSH3.zip
.zip
TMSTOOLS.dll
HELPERDLLX86.zip
.zip
TMSTOOLS.dll
.dll windows:4 windows x86 arch:x86

be9bc6054e0c905705f3e3460db40bce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

coredll

ord544
ord34
ord58
ord33
ord63
ord286
ord257
ord291
ord23
ord24
ord858
GetCurrentProcess

toolhelpm

Process32Next
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
CloseToolhelp32Snapshot

Exports

Exports

??0CTMSTOOLS@@QAE@XZ
??4CTMSTOOLS@@QAEAAV0@ABV0@@Z
?nTMSTOOLS@@3HA
_fnENUMWINDOWS@20
_fnFINDWINDOW@20
_fnGETLOCALTIME@20
_fnMESSAGE@20
_fnMODULES@20
_fnPROCS@20
_fnSETLOCALTIME@20

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cetools.RES
cetools.txt
demo.zip
.zip
CEToolsDemo.dpr
CEToolsDemo.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CEToolsDemo.res
UCEToolsDemo.dfm
UCEToolsDemo.pas
tmsdefs.inc
CEToolsc4.zip
.zip
CEAPI.dcu
CEAPI.hpp
CEAPI.obj
CETOOLSB4.HLP
CETools.dcu
CETools.hpp
CETools.obj
CEToolsPkgc4.bpk
CEToolsPkgc4.cpp
CEToolsPkgc4.res
CEToolsReg.dcr
CEToolsReg.pas
CEToolsb4.cnt
cetools.RES
CEToolsc5.zip
.zip
CEToolsc6.zip
.zip
CEToolsd4.zip
.zip
CEToolsd5.zip
.zip
CEToolsd6.zip
.zip
HELPERDLLARM.zip
.zip
HELPERDLLMIPS.zip
.zip
HELPERDLLSH3.zip
.zip
HELPERDLLX86.zip
.zip
cetools.txt
demo.zip
.zip
750339388/TMS Async32 10 Sep 2002 src.zip
.zip
750339388/TMS Instrumentation Workshop v1.3 10 Sep 2002 src.zip
.zip
750339388/TMS IntraWb comp pack 1.4 plus pro pack 1.1 all sources.zip
.zip
750339388/TMS IntraWeb Component Pack Pro v1.5 19 Sep 2002 src.rar
.rar
750339388/TMS Scripter Studio Dec 19 2002 src.zip
.zip
750339388/TMS Scripter Studio Feb 28 2003 src.rar
.rar
750339388/TMS Skin Factory v1.27 Oct 3 2002 src.zip
.zip
750339388/TMS TAdvStringGrid v1.94 Delphi.zip
.zip
750339388/TMS.Component.Pack.v2.6.Mar.31.2003.src.rar
.rar
750339388/TMSA32D5.zip
.zip
750339388/TMS_Intraweb_ctrls_4_23.ZIP
.zip
750339388/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

be9bc6054e0c905705f3e3460db40bce

Headers

File Characteristics

Imports

coredll

toolhelpm

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 386B

.data Size: 512B - Virtual size: 92B

.edata Size: 512B - Virtual size: 333B

.reloc Size: 512B - Virtual size: 118B

Headers

File Characteristics

Sections

CODE Size: 344KB - Virtual size: 344KB

DATA Size: 4KB - Virtual size: 3KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 25KB - Virtual size: 24KB

.rsrc Size: 54KB - Virtual size: 54KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 386B

.data
Size: 512B - Virtual size: 92B

.edata
Size: 512B - Virtual size: 333B

.reloc
Size: 512B - Virtual size: 118B

CODE
Size: 344KB - Virtual size: 344KB

DATA
Size: 4KB - Virtual size: 3KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 54KB - Virtual size: 54KB