c25ef599afd26ee2eabdbf55d5260f8b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c25ef599afd26ee2eabdbf55d5260f8b_JaffaCakes118
Size

348KB
MD5

c25ef599afd26ee2eabdbf55d5260f8b
SHA1

efbd2b30ed60c1c11c0b37d3eab62619a27856f4
SHA256

868ff740f5a0d298e62c0cfced3d35ba99ef7d165a1312fbb2ae34cbcac80e6b
SHA512

48d852808ada0146a1f1bc31870cc8248627bd4eff193f26c3720d569b49f63ce56d330d1184e00c7cdcba3042b9f08c74f623aa213e06082f4ebbe64008419b
SSDEEP

6144:/202+uLCfun+ZBivI68NOXswRTXeSgerkIAYYRS26ncms8WLvwlerFCB:/202+iCWn+ZBI8NOXlTeSBIJjSlcJ8Ww

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tool/5sys/dw.client.dll
unpack001/tool/5sys/k.exe
unpack001/tool/5sys/new3.exe
unpack001/tool/tool.exe

Files

c25ef599afd26ee2eabdbf55d5260f8b_JaffaCakes118
.rar
tool/5sys/5.css
tool/5sys/5b/new3.gt3
tool/5sys/5b/updatec.gt3
tool/5sys/dw.client.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\代码\csharp程序\dll\client\obj\Release\dw.client.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tool/5sys/img/tree1.gif
.gif
tool/5sys/j.jd
.js
tool/5sys/k.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tool/5sys/new3.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\代码\csharp程序\升级程序\bin\new3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tool/tool.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\代码\csharp程序\我的独立\tool3\obj\Release\tool3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tool/tool/5.htm
.html
tool/tool/5/j.jd
.js
tool/tool/5/list.gt3
tool/tool/img/e.gif
.gif
tool/tool/img/jd.ico
tool/微软箱说明.txt

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 90KB - Virtual size: 89KB

.rsrc Size: 1024B - Virtual size: 680B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 28KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 712B

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 40KB - Virtual size: 37KB

.rsrc Size: 4KB - Virtual size: 664B

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1KB - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 90KB - Virtual size: 89KB

.rsrc
Size: 1024B - Virtual size: 680B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 28KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 712B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 40KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 664B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 12B