a1be5f7f027feee5fd4ba716aaef07f6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a1be5f7f027feee5fd4ba716aaef07f6_JaffaCakes118
Size

19KB
MD5

a1be5f7f027feee5fd4ba716aaef07f6
SHA1

15a3fb929c86293839af3cdb684f1e23a1b9ff66
SHA256

13bd3de9b99fdc96485792b24b9cc77ec8a40a7cbc264b3b1a3226d6ffe9b16b
SHA512

c98e25b4041312e629eb51016ba72bed90d53c0539b0021f1601644f228970a10670a88352444d2acc2bda43be34fd07f2b5e6ffc48e4aa4bf88a920c220db14
SSDEEP

384:wBIybHFfG+7OVkbsowWAGnOi5r6TkEA9Hv8on20VR3UKGafKb:wBtbF++QGsDWT5EA9PJn20VeKGayb

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PCNFO.EXE
unpack001/picallwk.exe

Files

a1be5f7f027feee5fd4ba716aaef07f6_JaffaCakes118
.zip
File_id.diz
PCNFO.EXE
.exe windows:1 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

pec1
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
THECRACK.HTM
.html
pc.mus
pc.nfo
picallwk.exe
.exe windows:1 windows x86 arch:x86

708dd0576b9916990d18bad082064305

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolder
SHGetPathFromIDList

kernel32

GetCommandLineA
GetCurrentDirectoryA
GetModuleHandleA
CloseHandle
RtlUnwind
CreateFileA
SetCurrentDirectoryA
WriteFile
lstrcpynA

user32

SetWindowTextA
DialogBoxParamA
EndDialog
GetDlgItem
LoadIconA
SetTimer
KillTimer
MessageBoxA
SendMessageA
wsprintfA

crtdll

__GetMainArgs
exit
raise
signal
strchr

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 60B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 560B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 990B - Virtual size: 990B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

Imports

kernel32

Sections

pec1 Size: 7KB - Virtual size: 24KB

pec2 Size: 3KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 512B

708dd0576b9916990d18bad082064305

Headers

File Characteristics

Imports

shell32

kernel32

user32

crtdll

Sections

.text Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 60B

.rdata Size: 88B - Virtual size: 88B

.data Size: 560B - Virtual size: 560B

.idata Size: 990B - Virtual size: 990B

.rsrc Size: 1KB - Virtual size: 1KB

pec1
Size: 7KB - Virtual size: 24KB

pec2
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 60B

.rdata
Size: 88B - Virtual size: 88B

.data
Size: 560B - Virtual size: 560B

.idata
Size: 990B - Virtual size: 990B

.rsrc
Size: 1KB - Virtual size: 1KB