83593127d10dbc09da9b8819642356ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83593127d10dbc09da9b8819642356ef_JaffaCakes118
Size

571KB
MD5

83593127d10dbc09da9b8819642356ef
SHA1

cc261acdfcda2d7d90d4d25bf4df3e69272919d4
SHA256

15b02e7b054149c832b33786698ab90094ae3da52da6bf962301c50468e1928b
SHA512

975abddb9ff743890480fdc0bc7cf9d5d0a4b056325bbc2091a7dcb57ce894b33460ffc71443596e0f8af6ed58cc98ecad656ca94935e3229f3b9f45203fc2d8
SSDEEP

12288:6/mDAt5wlgFYcatPB/n/Wh3D+HdGgUKrIpMLp9MUo:6ODn8Ycaxtn/WFD+YgUKrI2t9MUo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MSULVC05.DLL

Files

83593127d10dbc09da9b8819642356ef_JaffaCakes118
.rar
Demo.AVI
MSULVC05.DLL
.dll windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Exports

Exports

DriverProc

Sections

.rsrc
Size: 52KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MSULVC05.INF
wAREsNAP.GiF
下载说明.htm
.html .js polyglot
汉化及安装说明.TXT