166192641678bd4b75a05964760f5b99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

166192641678bd4b75a05964760f5b99_JaffaCakes118
Size

1.6MB
MD5

166192641678bd4b75a05964760f5b99
SHA1

742680914e3436a6cf04621458fdfecce4651334
SHA256

bb67c822b751c2066a655a323a390ef9e2786202a8be752bc980dd2f1c950cc0
SHA512

a505dfec2b9eb9de8ccced6a927b9f72afdc094e24f510b6133c1d85513c7104df7d8e78d332aeaaf3d12e537f6c59b9bcfe543e35d9adb33122f8c116b76644
SSDEEP

49152:u3t+2c/dNsaTB4HTsFboU42IzJb1u6ss3K:Mq/dGWYio52IzJbf3K

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/netsys/Rundlll.exe
unpack001/netsys/cache/Frwx.dat
unpack001/netsys/cache/Zrwx.dat
unpack001/netsys/netsys.exe

Files

166192641678bd4b75a05964760f5b99_JaffaCakes118
.rar
netsys/Readme_EN.txt
netsys/Rundlll.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

P�`0
Size: - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

P�`1
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

P�`2
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
netsys/cache/Frwx.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

#1�_0
Size: - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#1�_1
Size: 266KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#1�_2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
netsys/cache/IP.txt
netsys/cache/Zrwx.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

P�`0
Size: - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

P�`1
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

P�`2
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
netsys/netsys.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

�6�Z0
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�6�Z1
Size: 634KB - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�6�Z2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
netsys/sound/downfile.wav
netsys/sound/login.wav
netsys/sound/offline.wav
netsys/sound/upfile.wav
netsys/使用帮助_简体.txt
netsys/图标/1.ico
netsys/图标/10.ico
netsys/图标/11.ico
netsys/图标/12.ico
netsys/图标/13.ico
netsys/图标/14.ico
netsys/图标/15.ico
netsys/图标/16.ico
netsys/图标/17.ico
netsys/图标/18.ico
netsys/图标/19.ico
netsys/图标/2.ico
netsys/图标/20.ico
netsys/图标/21.ico
netsys/图标/22.ico
netsys/图标/23.ico
netsys/图标/24.ico
netsys/图标/25.ico
netsys/图标/26.ico
netsys/图标/27.ico
netsys/图标/28.ico
netsys/图标/29.ico
netsys/图标/3.ico
netsys/图标/30.ico
netsys/图标/31.ico
netsys/图标/32.ico
netsys/图标/33.ico
netsys/图标/34.ico
netsys/图标/35.ico
netsys/图标/38.ico
netsys/图标/39.ico
netsys/图标/4.ico
netsys/图标/40.ico
netsys/图标/41.ico
netsys/图标/42.ico
netsys/图标/43.ico
netsys/图标/44.ico
netsys/图标/45.ico
netsys/图标/46.ico
netsys/图标/47.ico
netsys/图标/48.ico
netsys/图标/5.ico
netsys/图标/50.ico
netsys/图标/51.ico
netsys/图标/52.ico
netsys/图标/6.ico
netsys/图标/7.ico
netsys/图标/9.ico
netsys/帮助说明.chm
.chm
netsys/更多精品尽在俺要下载.url
netsys/自述文件.htm
.html

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

P�`0 Size: - Virtual size: 812KB

P�`1 Size: 275KB - Virtual size: 276KB

P�`2 Size: - Virtual size: 6KB

Headers

File Characteristics

Sections

#1�_0 Size: - Virtual size: 808KB

#1�_1 Size: 266KB - Virtual size: 268KB

#1�_2 Size: - Virtual size: 3KB

Headers

File Characteristics

Sections

P�`0 Size: - Virtual size: 812KB

P�`1 Size: 275KB - Virtual size: 276KB

P�`2 Size: - Virtual size: 6KB

Headers

File Characteristics

Sections

�6�Z0 Size: - Virtual size: 2.4MB

�6�Z1 Size: 634KB - Virtual size: 636KB

�6�Z2 Size: - Virtual size: 5KB

P�`0
Size: - Virtual size: 812KB

P�`1
Size: 275KB - Virtual size: 276KB

P�`2
Size: - Virtual size: 6KB

#1�_0
Size: - Virtual size: 808KB

#1�_1
Size: 266KB - Virtual size: 268KB

#1�_2
Size: - Virtual size: 3KB

P�`0
Size: - Virtual size: 812KB

P�`1
Size: 275KB - Virtual size: 276KB

P�`2
Size: - Virtual size: 6KB

�6�Z0
Size: - Virtual size: 2.4MB

�6�Z1
Size: 634KB - Virtual size: 636KB

�6�Z2
Size: - Virtual size: 5KB