ea85bb5aaa3ddeb39a13fa48675f2171_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea85bb5aaa3ddeb39a13fa48675f2171_JaffaCakes118
Size

99KB
MD5

ea85bb5aaa3ddeb39a13fa48675f2171
SHA1

d1475831e1aa1bf4132e9461a4dbe9bcc7a2ad23
SHA256

89d34da72e70d5e617883267a0e74bc888b74231dca4a6290e5d618245a98d5f
SHA512

6eee8441480bde2b8bdecd06461b38eab834f9221453dce9577385455d0e105a5ed100103309bc5ec19ffdb5dc5ce886e72f6d24923aef6c93d06e647470006d
SSDEEP

3072:W47excGxFLPkH9SnbZDaFwQtzmhkrUyZ31dLiikrXc:W+eGYtPk0Z+FwMzikrlZXWA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-TOPLESS.exe

Files

ea85bb5aaa3ddeb39a13fa48675f2171_JaffaCakes118
.zip
GOLAYA-TOPLESS.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ