7717f4dc57fe4ba6ff71c5404318b6b0_JaffaCakes118

General

Target

7717f4dc57fe4ba6ff71c5404318b6b0_JaffaCakes118
Size

1.8MB
MD5

7717f4dc57fe4ba6ff71c5404318b6b0
SHA1

a73becf5f2b7ea51fe2b09e750e6ffb4a237a403
SHA256

93b304f118709f87fc7233fea68eeb6471d4eb5bb2c2d81684e1fea1a03e82cf
SHA512

45895bab392718e3157c73b2c4f9039cd3bee056fc36906e853e6f4914a8207eb28b1dcacf89c882a48ae60a9733dbeda3c24291c54078556fa1cdee9c99b9f2
SSDEEP

49152:G1JrHhT3ggfKAIPxC4EhdHzW1gPnj11KhIdGl7ITR:G/tBSBOdHq1gPnqhI8lg

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/PLogger+V5.0/PLogger P8 gold Edi.6.exe
unpack001/PLogger+V5.0/patch.exe

Files

7717f4dc57fe4ba6ff71c5404318b6b0_JaffaCakes118
.rar
PLogger+V5.0/PLogger P8 gold Edi.6.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 1.0MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 637KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PLogger+V5.0/patch.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1.0MB - Virtual size: 2.2MB

Size: - Virtual size: 192KB

Size: - Virtual size: 8KB

.rsrc Size: 189KB - Virtual size: 192KB

Size: - Virtual size: 3.0MB

.data Size: 637KB - Virtual size: 640KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 200KB - Virtual size: 199KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

.rsrc
Size: 189KB - Virtual size: 192KB

.data
Size: 637KB - Virtual size: 640KB

.text
Size: 200KB - Virtual size: 199KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B