c18d836e87b17a3e6df766a95a728c03_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c18d836e87b17a3e6df766a95a728c03_JaffaCakes118
Size

3.0MB
MD5

c18d836e87b17a3e6df766a95a728c03
SHA1

efb97ccf83fcbb733c50c482703952a5abb3d308
SHA256

407035d8c05fc59b565ebd96790dd88117df7ed8e7a4b472528b16c4dae16f38
SHA512

0908450db02fbcce90e864d630d0d4c186a4ac31887aeb9112b235b1fafc472a14bdcda21ecbd1906bba29ab4e6b8caddc3fae5cd588a91b2cf3ab9828ab1288
SSDEEP

49152:pDZZdmEVOive6h9lxw3EUvoydhtjFi93raiHHFL7GkIoOolQXcu4WqxK6+ioUsWO:pD8EVrW6h9TRydPjFiRraiFHGkIciqOR

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Mark.of.the.Ninja.v1.0.7993.cracked_20121101/!!Mreader.exe
unpack001/Mark.of.the.Ninja.v1.0.7993.cracked_20121101/Mark of the Ninja v1.0.7993.exe

Files

c18d836e87b17a3e6df766a95a728c03_JaffaCakes118
.rar
Mark.of.the.Ninja.v1.0.7993.cracked_20121101/!!Mreader.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.theta
Size: - Virtual size: 280KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iota
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Mark.of.the.Ninja.v1.0.7993.cracked_20121101/Mark of the Ninja v1.0.7993.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.theta
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iota
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Mark.of.the.Ninja.v1.0.7993.cracked_20121101/THETA.nfo
Mark.of.the.Ninja.v1.0.7993.cracked_20121101/找单机 zhaodanji.com.url
.url
Mark.of.the.Ninja.v1.0.7993.cracked_20121101/说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.theta Size: - Virtual size: 280KB

.iota Size: 77KB - Virtual size: 80KB

.rsrc Size: 5KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Sections

.theta Size: - Virtual size: 304KB

.iota Size: 149KB - Virtual size: 152KB

.rsrc Size: 18KB - Virtual size: 20KB

.theta
Size: - Virtual size: 280KB

.iota
Size: 77KB - Virtual size: 80KB

.rsrc
Size: 5KB - Virtual size: 8KB

.theta
Size: - Virtual size: 304KB

.iota
Size: 149KB - Virtual size: 152KB

.rsrc
Size: 18KB - Virtual size: 20KB