55904078fa28017c849b574335948d46_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

55904078fa28017c849b574335948d46_JaffaCakes118
Size

114KB
MD5

55904078fa28017c849b574335948d46
SHA1

f78bf1fa88d25ee670db723b75a16f8243370d4b
SHA256

6d6bfeff89d271ebf37ee98d0602d27fc37738e10a6a92046ed3960a7c8f2052
SHA512

c31e8b4ff2500e65337f3a186b8e92314a503efcc4b162d9404fb06156d4434c57d172253b6dc8d49f55585c21d3d9c86177a5bb3d82f472094d830f33a5ba66
SSDEEP

3072:cLm/oMYxnVi+C0dWyErTMxH715yjesEXA1ogqNZdG:cLm1Yj9WPrw9yqs+cogqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Un FSG v2.0/UnFSG2.0.exe
unpack001/Un FSG v2.0/Werbung.exe

Files

55904078fa28017c849b574335948d46_JaffaCakes118
.rar
Un FSG v2.0/Src/1.bmp
Un FSG v2.0/Src/Debug.inc
Un FSG v2.0/Src/Res/UnFSG2.0Res.rc
Un FSG v2.0/Src/Res/UnFSG2.0Ver.rc
Un FSG v2.0/Src/Res/UnFSG2Dlg.Rc
Un FSG v2.0/Src/UnFSG2.0.Asm
Un FSG v2.0/Src/UnFSG2.0.Inc
Un FSG v2.0/Src/UnFSG2.0.Rc
Un FSG v2.0/Src/UnFSG2.0.dlg
Un FSG v2.0/Src/UnFSG2.0.rap
Un FSG v2.0/Src/macro.inc
Un FSG v2.0/Src/section.inc
Un FSG v2.0/UnFSG2.0.exe
.exe windows:4 windows x86 arch:x86

e7c69cf5d57234f982a56dbab78b7ca3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitProcess
GetExitCodeProcess
GetModuleHandleA
GetStartupInfoA
GetThreadContext
LoadLibraryA
MapViewOfFile
ReadProcessMemory
CreateProcessA
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtectEx
WaitForDebugEvent
WriteFile
WriteProcessMemory
lstrcpyA
CreateFileMappingA
CreateFileA
ContinueDebugEvent
SetThreadContext
CloseHandle

user32

GetDlgItem
EndDialog
DialogBoxParamA
wsprintfA
SetDlgItemTextA
SendMessageA

comctl32

InitCommonControls

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Un FSG v2.0/Werbung.exe
.exe windows:4 windows x86 arch:x86

5c4d602843f54570889588b32f7af650

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
_CIatan
_allmul
_CItan
_CIexp

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7c69cf5d57234f982a56dbab78b7ca3

Headers

File Characteristics

Imports

kernel32

user32

comctl32

comdlg32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 94KB - Virtual size: 93KB

5c4d602843f54570889588b32f7af650

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 92KB - Virtual size: 90KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 94KB - Virtual size: 93KB

.text
Size: 92KB - Virtual size: 90KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB