02f872e1e2d394674cdd4da64cc14ba7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02f872e1e2d394674cdd4da64cc14ba7_JaffaCakes118
Size

135KB
MD5

02f872e1e2d394674cdd4da64cc14ba7
SHA1

a3b6ab99402032d0225139dd5778ef01e326ddf5
SHA256

a83d2f3a47b2b64507e08f236e80288a1d7c6b64d930838ebe4e5e502ca733a6
SHA512

c76d5e8a42896ac176eade55adbb61a25fa5403def58c106ef7eca96663667abb4821ef9b31d16724924174c7314aeb9f557006328bc9391e4f2a9b83d1a32c1
SSDEEP

3072:tt/S0Sp1aCFEhEhUoDOSrY9tCg4s+Y8szje1iejDlJH5t0TjJnsNmjK:tt63iCZhItT0YxKiej5SPKSK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/BIZATCH.EXE

Files

02f872e1e2d394674cdd4da64cc14ba7_JaffaCakes118
.zip
BIZATCH.ZIP
.zip
BIZATCH.ASM
BIZATCH.DEF
BIZATCH.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vlad
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BOZA.ASM
IMPORT32.LIB
MAKEFILE
WIN32.INC
KBWIN.ZIP
.zip
CAPTURE.BAT
KBCAP.COM
KBWIN95.DOC
KBWIN95.EXE
PLAYCAP.EXE
PH33R.ZIP
.zip
PH33R.A86
PH33R.COM
TENTACLE.ZIP
.zip
TENTACLE.EXE
TWITCH.ZIP
W31V.ZIP
.zip
W31V.ASM
WINLAMER.ZIP
WINSURFR.ZIP
.zip
WINSURFR.A86
WINTINY.ZIP
WINVIK.ZIP
.zip
WINVIKA.ZIP
.zip
DOGEN16.BAT
DOGEN512.BAT
DOWV.BAT
GENERIC.C
GENERIC.DEF
GENERIC.EXE
GENERIC.H
GENERIC.RC
HEADER.EXE
HEADER.PAS
READ.ME
WINVIR.ASM
WINVIKB.ZIP
WVIR14.ZIP
.zip