16cb46a6156f7a2a87248b3b6a589639_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

16cb46a6156f7a2a87248b3b6a589639_JaffaCakes118
Size

1.2MB
MD5

16cb46a6156f7a2a87248b3b6a589639
SHA1

fb177217628b4de52547e6a0ef625b83dc2b100b
SHA256

c5beb701e793be49311d476975c0c8b3e453ea5f20d427c64c0d31c3b01a09c1
SHA512

48ca93f06c598e7356b9fa4d7c69d72ca2ffd54979c580b47628928935b138c17f243cfa8416222928269ec04163c7cb2b19cfdb29cbf08d1a7377b721bebb7f
SSDEEP

24576:y3/90pCK5ewaMOHRyGbBRAAhpbm59LEQbb0n5rkTaqwHIrb11D:AYtewaMOHH3e5hEQ3qlk+1Irx1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Hfolder/Hfolder-key.exe
unpack001/Hfolder/Hfolder.exe

Files

16cb46a6156f7a2a87248b3b6a589639_JaffaCakes118
.rar
Hfolder/Hfolder-key.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

code
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Hfolder/Hfolder.exe
.exe windows:4 windows x86 arch:x86

73ec795c6c369c6ce2c3b4c3f6477daa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetShortPathNameA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 65KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 46KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Hfolder/redme.txt
redme.txt
安装软件.bat

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

code Size: - Virtual size: 40KB

text Size: 11KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 8KB

73ec795c6c369c6ce2c3b4c3f6477daa

Headers

File Characteristics

Imports

kernel32

user32

Sections

0 Size: 1024B - Virtual size: 4KB

1 Size: 512B - Virtual size: 4KB

2 Size: 65KB - Virtual size: 740KB

3 Size: 19KB - Virtual size: 20KB

4 Size: 3KB - Virtual size: 8KB

5 Size: - Virtual size: 4KB

6 Size: 46KB - Virtual size: 71KB

7 Size: 3KB - Virtual size: 3KB

8 Size: 7KB - Virtual size: 28KB

code
Size: - Virtual size: 40KB

text
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 8KB

0
Size: 1024B - Virtual size: 4KB

1
Size: 512B - Virtual size: 4KB

2
Size: 65KB - Virtual size: 740KB

3
Size: 19KB - Virtual size: 20KB

4
Size: 3KB - Virtual size: 8KB

5
Size: - Virtual size: 4KB

6
Size: 46KB - Virtual size: 71KB

7
Size: 3KB - Virtual size: 3KB

8
Size: 7KB - Virtual size: 28KB