64c84d637900fb060e5482d1176e0d9b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64c84d637900fb060e5482d1176e0d9b_JaffaCakes118
Size

617KB
MD5

64c84d637900fb060e5482d1176e0d9b
SHA1

53ebf5a2223c1f0c16ed2fb6835162457dd2b3c2
SHA256

be7a2f6766452c82af10414e6d323c8e25cb59f19b35a2e413d28c67641ffdfe
SHA512

6b6ef0a3b72746af3ef20576edcf23c2df45aa57051cff323259577bbcf11d9849c8cf25a8dba433d327948ab56bb4445947f909b204036e01551789c705b3a1
SSDEEP

12288:YbKV9vpEd+Q+qzgIaUHq5RUCNihBlxk5W324kHdcYlBlVFzWVoS0fL:Ym6d+QiMK5RzNIPkL9cYlLVFqVobfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/widget/http.exe

Files

64c84d637900fb060e5482d1176e0d9b_JaffaCakes118
.rar
widget/desc.htm
.html
widget/http.cfg
widget/http.exe
.exe windows:1 windows x86 arch:x86

44d1d3622a1f568fe5a4988612a1b8da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA

user32

MessageBoxA

Sections

Feokt.
Size: 115KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
widget/license.txt
widget/www/index.htm
.html
widget/www/widget/hack_widget.zip
.zip
CommonLib.js
.js
Icon/usa_today_106.png
.png
Icon/usa_today_115.png
.png
Icon/usa_today_85.png
.png
Icon/usa_today_95.png
.png
Preview_200000011.js
.js
config.xml
.xml
img/Right_List_hightlight.png
.png
img/Sub_BG_Gray32.png
.png
img/button_no.png
.png
img/button_yes.png
.png
img/cp_usatoday.png
.png
img/drag_button.png
.png
img/help_4P.png
.png
img/help_LR.png
.png
img/help_back.png
.png
img/help_select.png
.png
img/help_up_down.png
.png
img/left_list_highlight.png
.png
img/left_list_normal.png
.png
img/left_list_select.png
.png
img/loading_01.png
.png
img/loading_02.png
.png
img/loading_03.png
.png
img/loading_04.png
.png
img/loading_05.png
.png
img/loading_06.png
.png
img/loading_07.png
.png
img/loading_08.png
.png
img/loading_09.png
.png
img/loading_10.png
.png
img/loading_11.png
.png
img/loading_12.png
.png
img/movie_bg_box.png
.png
img/movie_bg_box_3.png
.png
img/news_100.png
.png
img/news_70.png
.png
img/news_service.png
.png
img/news_sub.png
.png
img/news_sub_2.png
.png
img/nnavi_icon_news.png
.png
img/popup_back.gif
.gif
img/popup_bg_bottom.png
.png
img/popup_bg_middle.png
.png
img/popup_bg_top.png
.png
img/popup_big_3_middle.png
.png
img/popup_big_3_top.png
.png
img/popup_big_3_under.png
.png
img/popup_small.png
.png
img/preview_news.png
.png
img/rss_list_highlight.png
.png
img/rss_list_text_line_1.png
.png
img/rss_list_text_line_2.png
.png
img/rss_list_title_line.png
.png
img/scrollbar_bg_2.png
.png
img/scrollbar_bg_3.png
.png
img/sub_bg.png
.png
img/sub_bg_2.png
.png
img/sub_bg_3.png
.png
img/sub_bg_4.png
.png
img/sub_bg_7.png
.png
img/sub_bg_8.png
.png
img/sub_bg_9.png
.png
img/sub_bg_brown.png
.png
img/sub_down.png
.png
img/sub_line.png
.png
img/sub_up.png
.png
img/ticker_bg.png
.png
img/usa_today.png
.png
img/usa_today_life.png
.png
img/usa_today_money.png
.png
img/usa_today_news.png
.png
img/usa_today_politics.png
.png
img/usa_today_sports.png
.png
img/usa_today_world.png
.png
img/weather_preview_box.png
.png
index.html
.html
news.css
news.js
.js
popup.css
popup.js
.js
xml/news_category_list.xml
.xml
widget/www/widgetlist.xml
.xml

Sharing

General

Malware Config

Signatures

Files

44d1d3622a1f568fe5a4988612a1b8da

Headers

File Characteristics

Imports

kernel32

user32

Sections

Feokt. Size: 115KB - Virtual size: 280KB

.rsrc Size: 512B - Virtual size: 512B

Feokt.
Size: 115KB - Virtual size: 280KB

.rsrc
Size: 512B - Virtual size: 512B