2bb8113a814507876d6cc4e1db6f5612_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bb8113a814507876d6cc4e1db6f5612_JaffaCakes118
Size

2.3MB
MD5

2bb8113a814507876d6cc4e1db6f5612
SHA1

8566e596fb8680b45c1100fb58c1d227e56f4162
SHA256

40d4340ec27f4c01b020c6931f566b17cf29e1a8f8f72eba3a6365887b76a8dc
SHA512

63020e47b6c7491214cb43924a1e9d1cc5bfea367db24449d0d0d2a196e75be0335cb6db5c56bcb5be6d740d5a09573c358a25dcb949b09e1a0bb8c6160597b5
SSDEEP

49152:3y1HqsoOYhXm22hvDTDpG/NWeYzlqRZMWo1yk1rl4kZJsp+XCq+:iDoDXAL8VJ2qRa51FZZJssXCr

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bc_gj-VisualVBS_hicode/hicode/VisualVBS/3SOFT/IcoSprite.exe
unpack001/bc_gj-VisualVBS_hicode/hicode/VisualVBS/3SOFT/dePack_1.0.exe

Files

2bb8113a814507876d6cc4e1db6f5612_JaffaCakes118
.rar
bc_gj-VisualVBS_hicode/hicode/HiCode.cn.url
.url
bc_gj-VisualVBS_hicode/hicode/VisualVBS/3SOFT/IcoSprite.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 180KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bc_gj-VisualVBS_hicode/hicode/VisualVBS/3SOFT/IcoSprite.txt
bc_gj-VisualVBS_hicode/hicode/VisualVBS/3SOFT/dePack_1.0.exe
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.petite
Size: 189KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 190KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bc_gj-VisualVBS_hicode/hicode/VisualVBS/Dos_help.chm
.chm
bc_gj-VisualVBS_hicode/hicode/VisualVBS/HiCode.cn.url
.url
bc_gj-VisualVBS_hicode/hicode/VisualVBS/Microsoft Windows脚本技术.CHM
.chm
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/VBS删除自身.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/VBS看看今天是星期几.class
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/vbscript中的循环.class
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/vbs中的错误捕获器.class
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/vbs强制关闭程序.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/vbs读英语.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/中文姓名笔画计算.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/创建文本文件.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/删除文件.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/字符统计功能模块.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/弹出YESNO的对话框.class
.vbs
bc_gj-VisualVBS_hicode/hicode/VisualVBS/VBSClass/打开任务管理器.class
.vbs

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 180KB - Virtual size: 400KB

DATA Size: 2KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 28KB

.rsrc Size: 12KB - Virtual size: 48KB

.data Size: 9KB - Virtual size: 12KB

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.petite Size: 189KB - Virtual size: 376KB

.petite Size: 2KB - Virtual size: 8KB

.petite Size: 512B - Virtual size: 8KB

.petite Size: 3KB - Virtual size: 12KB

.petite Size: 512B - Virtual size: 4KB

.petite Size: 512B - Virtual size: 4KB

.petite Size: 27KB - Virtual size: 28KB

.rsrc Size: 20KB - Virtual size: 140KB

.petite Size: 190KB - Virtual size: 376KB

.petite Size: 3KB - Virtual size: 8KB

.petite Size: 30KB - Virtual size: 29KB

CODE
Size: 180KB - Virtual size: 400KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 28KB

.rsrc
Size: 12KB - Virtual size: 48KB

.data
Size: 9KB - Virtual size: 12KB

.petite
Size: 189KB - Virtual size: 376KB

.petite
Size: 2KB - Virtual size: 8KB

.petite
Size: 512B - Virtual size: 8KB

.petite
Size: 3KB - Virtual size: 12KB

.petite
Size: 512B - Virtual size: 4KB

.petite
Size: 512B - Virtual size: 4KB

.petite
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 20KB - Virtual size: 140KB

.petite
Size: 190KB - Virtual size: 376KB

.petite
Size: 3KB - Virtual size: 8KB

.petite
Size: 30KB - Virtual size: 29KB