b5caa9609c50e93f8041b3a0f784b4ce_JaffaCakes118

General

Target

b5caa9609c50e93f8041b3a0f784b4ce_JaffaCakes118
Size

515KB
MD5

b5caa9609c50e93f8041b3a0f784b4ce
SHA1

2c380e74b712996ded06d57f4d56cdc8c8737c5a
SHA256

91e6959d82e4e7e3440a79d563fae5ea51093e3f41fe5863aeceadd09b21aa34
SHA512

5c59355d557bddc13fab5078739bc764b5c1533cc97abaa5272099e9178a33347cd3b2fe21a643bde118455867bc65dbb6e054d25f75ea89a19206fe71f3c911
SSDEEP

12288:CyDIOH6g/ck0CU0QLB1hKaHGluqZc2AwtORWIJ2:/R6kXzQV1TuZRWp2

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Kanat Crypter Mod T€R@Z1/Kanat Crypter.exe
unpack001/Kanat Crypter Mod T€R@Z1/stub.exe

Files

b5caa9609c50e93f8041b3a0f784b4ce_JaffaCakes118
.rar
Kanat Crypter Mod T€R@Z1/Kanat Crypter.exe
.exe windows:4 windows x86 arch:x86

eb6668af5eb34acceae2c9b8ae91d874

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord593
ord594
ord595
ord526
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord535
ord570
ord100
ord616

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Kanat Crypter Mod T€R@Z1/stub.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.code
Size: 12KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 501KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 440B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb6668af5eb34acceae2c9b8ae91d874

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 28KB - Virtual size: 26KB

.data Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

Headers

File Characteristics

Sections

.code Size: 12KB - Virtual size: 128KB

.rdata Size: 501KB - Virtual size: 504KB

.idata Size: 440B - Virtual size: 4KB

.rsrc Size: 98KB - Virtual size: 100KB

.text
Size: 28KB - Virtual size: 26KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.code
Size: 12KB - Virtual size: 128KB

.rdata
Size: 501KB - Virtual size: 504KB

.idata
Size: 440B - Virtual size: 4KB

.rsrc
Size: 98KB - Virtual size: 100KB