f09ccd7f9a96cd33a82aa8795933c45d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f09ccd7f9a96cd33a82aa8795933c45d_JaffaCakes118
Size

355KB
MD5

f09ccd7f9a96cd33a82aa8795933c45d
SHA1

acca82b55ad90473da30f5a1118d93b81a34e5ed
SHA256

ae9428876349c5f82b76fbc11ebfd812a4a81d5afcb17332dffb7905818fb852
SHA512

88b60a066fba306c5fadb54e0655e3139da20b815e8b251671ba657d1420fc54a62b984b00aca1e06c40d47bbffd9218300a0bc3759a3cfd247d1f90316b8823
SSDEEP

6144:PTNEtz/RFmmJ9s0lbm1eK894RC4ubcmhJJ26IkyD52q00MaU:6/RjJ48Otub7YrkyDqQU

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/echo XP/Mmutil32.dll
unpack001/echo XP/echoXP.exe

Files

f09ccd7f9a96cd33a82aa8795933c45d_JaffaCakes118
.rar
echo XP/Mmutil32.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

_BuildRealOutput
_CheckTime
_ComponentRegistered
_DoCplxFFT1
_DoCplxFFT2
_GenSinTable1
_GenSinTable2
_GetDeviceID
_GetDeviceStatus
_GlobalCmpMem
_GlobalFillLong
_GlobalFillMem
_GlobalMoveMem
_IDERunning
_InMinMax
_InRange
_Limit
_Max
_Min
_MinMax
_RegisterComponent
_SwapInt
_SwapLong
_SwapSmall
_fvecBitRev1
_fvecBitRev2
_fvecMul1
_fvecMul2
_fvecZero1
_fvecZero2
_incHuge

Sections

CODE
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
echo XP/Portable.Easylife.Idv.Tw.url
echo XP/REVERB.INI
echo XP/echoXP.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 691KB - Virtual size: 690KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
echo XP/統一發票對獎 Invoice.Easylife.Idv.Tw.url
說明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 48KB - Virtual size: 47KB

DATA Size: 1024B - Virtual size: 840B

BSS Size: - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.edata Size: 1024B - Virtual size: 736B

.reloc Size: 3KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

Headers

File Characteristics

Sections

CODE Size: 691KB - Virtual size: 690KB

DATA Size: 6KB - Virtual size: 6KB

BSS Size: - Virtual size: 4KB

.idata Size: 10KB - Virtual size: 10KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 50KB - Virtual size: 49KB

.rsrc Size: 169KB - Virtual size: 169KB

CODE
Size: 48KB - Virtual size: 47KB

DATA
Size: 1024B - Virtual size: 840B

BSS
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 1024B - Virtual size: 736B

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB

CODE
Size: 691KB - Virtual size: 690KB

DATA
Size: 6KB - Virtual size: 6KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 10KB - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 50KB - Virtual size: 49KB

.rsrc
Size: 169KB - Virtual size: 169KB