82c06e269f2e64797ecf09ef3690489e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82c06e269f2e64797ecf09ef3690489e_JaffaCakes118
Size

533KB
MD5

82c06e269f2e64797ecf09ef3690489e
SHA1

d02078bec87f1d8d5159d2bd4136bef15c453f5d
SHA256

605072b97ff09b394eb831c3e870f7f36390df762a250bcc989a1a9239f9efc3
SHA512

15f835fb3297af7c59f327b353369debdc184c34ecd12a3ce7f8cc31e2bfdfb10b67c4aac569f973ec8e0503880e2c60dd7f323f5bd61f79927a16845aa47138
SSDEEP

12288:Sb8/yjKJlnYHmtW29RRgBIbPbZilClU9WBK7k7fBUTBnciVxrno:y8/yjKDYI9JN/UClUMBKcBU1rxbo

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/180028688/Dbt3.dll
unpack001/180028688/Dbt3MainProj.exe
unpack001/180028688/cooltray4.3/CoolTrayTest.exe

Files

82c06e269f2e64797ecf09ef3690489e_JaffaCakes118
.rar
180028688/Dbt3.cfg
180028688/Dbt3.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Decode
Encode
endhook
sethook

Sections

CODE
Size: 522KB - Virtual size: 522KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
180028688/Dbt3.dof
180028688/Dbt3.dpr
180028688/Dbt3.res
180028688/Dbt3Main.dcu
180028688/Dbt3Main.ddp
180028688/Dbt3Main.dfm
180028688/Dbt3Main.pas
180028688/Dbt3MainProj.cfg
180028688/Dbt3MainProj.dof
180028688/Dbt3MainProj.dpr
180028688/Dbt3MainProj.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
180028688/Dbt3MainProj.res
180028688/Hook.dcu
180028688/Hook.pas
180028688/PopWin.dcu
180028688/PopWin.ddp
180028688/PopWin.dfm
180028688/PopWin.pas
180028688/cooltray4.3/CoolTrayIcon.chm
.chm
180028688/cooltray4.3/CoolTrayIcon.dcr
180028688/cooltray4.3/CoolTrayIcon.dcu
180028688/cooltray4.3/CoolTrayIcon.pas
180028688/cooltray4.3/CoolTrayIcon_D5.dpk
180028688/cooltray4.3/CoolTrayIcon_D6plus.dcu
180028688/cooltray4.3/CoolTrayIcon_D6plus.dpk
180028688/cooltray4.3/CoolTrayIcon_D6plus.drc
180028688/cooltray4.3/CoolTrayIcon_D6plus.res
180028688/cooltray4.3/CoolTrayIcon_D7plus.cfg
180028688/cooltray4.3/CoolTrayIcon_D7plus.dcu
180028688/cooltray4.3/CoolTrayIcon_D7plus.dof
180028688/cooltray4.3/CoolTrayIcon_D7plus.dpk
180028688/cooltray4.3/CoolTrayIcon_D7plus.drc
180028688/cooltray4.3/CoolTrayIcon_D7plus.res
180028688/cooltray4.3/CoolTrayTest.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
180028688/cooltray4.3/RegisterTrayIcons.dcu
180028688/cooltray4.3/RegisterTrayIcons.pas
180028688/cooltray4.3/SimpleTimer.dcu
180028688/cooltray4.3/SimpleTimer.pas
180028688/cooltray4.3/TextTrayIcon.dcr
180028688/cooltray4.3/TextTrayIcon.dcu
180028688/cooltray4.3/TextTrayIcon.pas
180028688/cooltray4.3/convert_cti_projects.txt
180028688/cooltray4.3/convert_st_projects.txt
180028688/cooltray4.3/demos/CoolService/CoolService.dpr
180028688/cooltray4.3/demos/CoolService/CoolService.res
180028688/cooltray4.3/demos/CoolService/CoolTrayService.bat
.bat .vbs
180028688/cooltray4.3/demos/CoolService/Service.dfm
180028688/cooltray4.3/demos/CoolService/Service.pas
180028688/cooltray4.3/demos/CoolTrayTest/CoolTrayTest.dpr
180028688/cooltray4.3/demos/CoolTrayTest/CoolTrayTest.res
180028688/cooltray4.3/demos/CoolTrayTest/CtMain.dfm
180028688/cooltray4.3/demos/CoolTrayTest/CtMain.pas
180028688/cooltray4.3/demos/CoolTrayTest/TrayIcon.ico
180028688/cooltray4.3/demos/CustomHint1/CustomHint.dpr
180028688/cooltray4.3/demos/CustomHint1/CustomHint.res
180028688/cooltray4.3/demos/CustomHint1/Main.dfm
180028688/cooltray4.3/demos/CustomHint1/Main.pas
180028688/cooltray4.3/demos/CustomHint2/BigHint.dfm
180028688/cooltray4.3/demos/CustomHint2/BigHint.pas
180028688/cooltray4.3/demos/CustomHint2/BigHintDemo.dpr
180028688/cooltray4.3/demos/CustomHint2/BigHintDemo.res
180028688/cooltray4.3/demos/CustomHint2/images.res
180028688/cooltray4.3/demos/MinimizeAnimation/Main.dfm
180028688/cooltray4.3/demos/MinimizeAnimation/Main.pas
180028688/cooltray4.3/demos/MinimizeAnimation/MinimizeAnimation.dpr
180028688/cooltray4.3/demos/MinimizeAnimation/MinimizeAnimation.res
180028688/cooltray4.3/demos/MinimizeAnimation/TrayAnimation.pas
180028688/cooltray4.3/demos/MinimizeAnimation/animation.ico
180028688/cooltray4.3/demos/StartHidden/Main.dfm
180028688/cooltray4.3/demos/StartHidden/Main.pas
180028688/cooltray4.3/demos/StartHidden/StartHidden.dpr
180028688/cooltray4.3/demos/StartHidden/StartHidden.res
180028688/cooltray4.3/demos/TextTrayTest/TextTrayTest.dpr
180028688/cooltray4.3/demos/TextTrayTest/TextTrayTest.res
180028688/cooltray4.3/demos/TextTrayTest/TrayText.ico
180028688/cooltray4.3/demos/TextTrayTest/TtMain.dfm
180028688/cooltray4.3/demos/TextTrayTest/TtMain.pas
180028688/cooltray4.3/demos/TextTrayTest/bubble.ico
180028688/cooltray4.3/demos/TrayDraw/CtDraw.dfm
180028688/cooltray4.3/demos/TrayDraw/CtDraw.pas
180028688/cooltray4.3/demos/TrayDraw/TrayDraw.dpr
180028688/cooltray4.3/demos/TrayDraw/TrayDraw.ico
180028688/cooltray4.3/demos/TrayDraw/TrayDraw.res
180028688/cooltray4.3/doc/CoolTrayIcon.html
.html
180028688/cooltray4.3/doc/History - CoolTrayIcon.txt
180028688/cooltray4.3/doc/History - SimpleTimer.txt
180028688/cooltray4.3/doc/History - TextTrayIcon.txt
180028688/cooltray4.3/doc/SimpleTimer.html
.html
180028688/cooltray4.3/doc/TextTrayIcon.html
.html
180028688/cooltray4.3/doc/demos.txt
180028688/cooltray4.3/doc/install.txt
180028688/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 522KB - Virtual size: 522KB

DATA Size: 5KB - Virtual size: 5KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 119B

.reloc Size: 38KB - Virtual size: 37KB

.rsrc Size: 52KB - Virtual size: 52KB

Headers

File Characteristics

Sections

CODE Size: 374KB - Virtual size: 374KB

DATA Size: 5KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 28KB - Virtual size: 28KB

.rsrc Size: 40KB - Virtual size: 40KB

Headers

File Characteristics

Sections

CODE Size: 392KB - Virtual size: 392KB

DATA Size: 5KB - Virtual size: 4KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 28KB - Virtual size: 28KB

.rsrc Size: 163KB - Virtual size: 163KB

CODE
Size: 522KB - Virtual size: 522KB

DATA
Size: 5KB - Virtual size: 5KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 119B

.reloc
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 52KB - Virtual size: 52KB

CODE
Size: 374KB - Virtual size: 374KB

DATA
Size: 5KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 40KB - Virtual size: 40KB

CODE
Size: 392KB - Virtual size: 392KB

DATA
Size: 5KB - Virtual size: 4KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 163KB - Virtual size: 163KB