16d5b5c4154a85a1432e16a3fbe4cbf3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16d5b5c4154a85a1432e16a3fbe4cbf3_JaffaCakes118
Size

9.6MB
MD5

16d5b5c4154a85a1432e16a3fbe4cbf3
SHA1

0d58073b4c5d3afb2192c925b6acd6555dab1b7d
SHA256

bc80ebea439022f9666e5e4e3dbb006dcb853a7de651eb2ba3369c3bb504d14f
SHA512

666898c50119ac379ff77f8d18252d666fc4bff17df79c187556a6f3076865fe3efe7a4f8c9902d6a5eb7cfbaebc936130b343556f793856dd356ee0c47b5261
SSDEEP

196608:g7WuTELvSLpW62R5hYVSYMDjzMl4c0/SNFKkwtqe3SA7Fa/I84JpImFbxM53YpI8:g7WuoelWrb4SYMDc0/SNFKXAQ7Fa/I86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Daemon.Tools.Pro.Advanced.v5.2.0.0348.Multilingual.Cracked-BRD/Crack/Patch.exe

Files

16d5b5c4154a85a1432e16a3fbe4cbf3_JaffaCakes118
.rar
Daemon.Tools.Pro.Advanced.v5.2.0.0348.Multilingual.Cracked-BRD/Crack/Patch.exe
.exe windows:5 windows x86 arch:x86

dc73a9bd8de0fd640549c85ac4089b87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ExitProcess
FindResourceA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetTempPathA
LoadLibraryA
LoadResource
RtlMoveMemory
SizeofResource
VirtualAlloc
lstrcatA
CloseHandle
CreateFileA
FlushFileBuffers
WriteFile

Sections

.BRD
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BRD
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BRD
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BRD
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BRD
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Daemon.Tools.Pro.Advanced.v5.2.0.0348.Multilingual.Cracked-BRD/brd.nfo
Daemon.Tools.Pro.Advanced.v5.2.0.0348.Multilingual.Cracked-BRD/file_id.diz