8a451acd91686809cd5479a726a8ae65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a451acd91686809cd5479a726a8ae65_JaffaCakes118
Size

189KB
MD5

8a451acd91686809cd5479a726a8ae65
SHA1

1012040dde469adefbab00e5405c0426012d8119
SHA256

c85f8a4b56d7d8139ac9c57c1a7ae6f81e878161015b7691fc936a9dbe7a7f2e
SHA512

c0af6fe149ec4ab0e0b542f7ea2e6be3fa2efa41f609d6f1dfa14f81c7880edc675d3d2e5beb45c024324b392a0c1ac55dd573b2185da6c32114090428d025a6
SSDEEP

3072:0nbvApIUr1QTXh6INul7URjbuUt7bbsIh1J6Dn6xaoCv/uGDkwBEN/UuMfNOteu:0bYZ0nNuiRjaUj6Dn6xaDGGQwBEhU1OX

Score

7^/10

pdf link upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/keygen.exe	upx

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/keygen.exe
unpack004/out.upx

Files

8a451acd91686809cd5479a726a8ae65_JaffaCakes118
.rar
Install.txt
Manual.pdf
.pdf
- http://VitoTechnology.com
- http://vitotechnology.com
- http://vitotechnology.com/
Setup_CAB.cab
.cab
0000spot.026
.jpg
000help1.004
000help2.005
00German.029
0English.028
0Russian.030
0iDialer.009
.jpg
0iRemote.015
.jpg
CATALO~1.006
.html
IAPPOI~1.007
.jpg
IBUTTO~1.008
.jpg
ILAUNC~1.010
.jpg
IMOBIL~1.011
.jpg
INAVIG~1.012
.jpg
IOSCIL~1.013
.jpg
IQUICK~1.014
.jpg
IQUICK~2.027
.jpg
ISKETC~1.016
.jpg
ISMART~1.017
.jpg
ISOUND~1.018
.jpg
ISOUND~2.019
.jpg
ITASKS~1.020
.jpg
IVITAL~1.021
.jpg
IVITAL~2.022
.jpg
IVITAL~3.023
.jpg
IVITAL~4.024
.jpg
IVOICE~1.025
.jpg
MOBILE~1.000
MOBILE~1.001
MOBILE~1.002
MOBILE~1.003
.html
SetupDLL.999
keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 44KB

UPX1 Size: 23KB - Virtual size: 24KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 18KB

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 23KB - Virtual size: 24KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 18KB