b1628889224ef5163981fc078b937001_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1628889224ef5163981fc078b937001_JaffaCakes118
Size

65KB
MD5

b1628889224ef5163981fc078b937001
SHA1

15b79607dd995d8ca85612c4c79725b11c2251ce
SHA256

808fae8d52581ce544cd636254dd757e2bc7de7ff49ca3ffd8c13f3251dbfc47
SHA512

8d0e81f23d7113ee9dc81dcee1b2246f1581b14c4f6157efd4f41204d9879a33b9e4cde99a8e3f583ebcf87804f1802a9bd3d8fc1a04184a4d2240614366b158
SSDEEP

1536:ZhJWtwGEREuOoCvp0UGIsq91XIpbjP9AjFta1IEH94ApOOJp/:ZCwTRBOoCvp3xsc1XabjP9ABta1INUOi

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WKey/WKey.exe
unpack001/WKey/Wireless.exe

Files

b1628889224ef5163981fc078b937001_JaffaCakes118
.zip
WKey/Readme.txt
WKey/WKey.exe
.exe windows:4 windows x86 arch:x86

644c625dbe727aed8203259448f73750

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

EVENT_SINK_GetIDsOfNames

Sections

pec1
Size: 31KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
WKey/Wireless.exe
.exe windows:4 windows x86 arch:x86

a53f732e1bbd70e2b3217e8d53ce6afb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

Sections

pec1
Size: 23KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
WKey/.txt

Sharing

General

Malware Config

Signatures

Files

644c625dbe727aed8203259448f73750

Headers

File Characteristics

Imports

kernel32

msvbvm60

Sections

pec1 Size: 31KB - Virtual size: 112KB

.rsrc Size: 12KB - Virtual size: 16KB

.pec Size: 1KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

a53f732e1bbd70e2b3217e8d53ce6afb

Headers

File Characteristics

Imports

kernel32

Sections

pec1 Size: 23KB - Virtual size: 160KB

pec2 Size: 1024B - Virtual size: 4KB

.pec Size: 1KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

pec1
Size: 31KB - Virtual size: 112KB

.rsrc
Size: 12KB - Virtual size: 16KB

.pec
Size: 1KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB

pec1
Size: 23KB - Virtual size: 160KB

pec2
Size: 1024B - Virtual size: 4KB

.pec
Size: 1KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB