e22a386cc69d928e624fd52fa6491cd2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e22a386cc69d928e624fd52fa6491cd2_JaffaCakes118
Size

234KB
MD5

e22a386cc69d928e624fd52fa6491cd2
SHA1

7c1b31ab03be1af1c18270c9c4950cdc0014a329
SHA256

f0c11d92fb36e2f0e092ee693699314e7eb9702a212e7d295bb7799b8d4f67a8
SHA512

c1ee369efe9c9fb8350dada0731234a7b8473ce7f0a626fed42db1ea5d66a06ad2b6f25623896174f8ff86a89327a6090ac59161fdce5269d3ee5fb659370ac2
SSDEEP

6144:kqD3UWpuNX9lCqDIVh/Y+L5aK+5hxX/pVPJ:k6UWpuxC4IVpY65m5DPp3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/slam-#1.exe

Files

e22a386cc69d928e624fd52fa6491cd2_JaffaCakes118
.zip
--------.---
Decrypt.exe
Index.mag
SLAM.mid
Slam#1.X
Slam.000
Slam.001
Slam.002
.vbs
Slam.003
.vbs
Slam.004
Slam.005
.vbs
Slam.006
.vbs
Slam.007
Slam.008
Slam.009
.vbs
Slam.010
.vbs
Slam.011
.vbs
Slam.012
Slam.013
Slam.014
Slam.015
Virii.zip
.zip
CONCEPT.ZIP
.zip
AAAZAO.TXT
.vbs
AAAZFS.TXT
.vbs
AUTOOPEN.TXT
.vbs
CONCEPT.DOC
.doc windows office2003
FILESAVE.TXT
.vbs
PAYLOAD.TXT
LAROUX.ZIP
.zip
LAROUX.XLS
.xls windows office2003
LAROUX2.XLS
.xls windows office2003
OUTLAW.ZIP
.zip
FILE_ID.DIZ
O7941.TXT
.vbs
O8416.TXT
O8810.TXT
.vbs
OUTLAW.DOC
.doc windows office2003
O_ENCRY.DOC
.doc windows office2003
PURITAN.ZIP
.zip
PURITAN.DOC
RAPI.ZIP
.zip
rapi.doc
.doc windows office2003
readme.txt
file_id.diz
member.frm
slam-#1.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 164KB - Virtual size: 163KB

DATA Size: 2KB - Virtual size: 1KB

BSS Size: - Virtual size: 1KB

.idata Size: 6KB - Virtual size: 5KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 10KB - Virtual size: 9KB

.rsrc Size: 38KB - Virtual size: 38KB

CODE
Size: 164KB - Virtual size: 163KB

DATA
Size: 2KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 6KB - Virtual size: 5KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 38KB - Virtual size: 38KB