fe11fb85f9b74461a7e75a76c158d3c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe11fb85f9b74461a7e75a76c158d3c6_JaffaCakes118
Size

131KB
MD5

fe11fb85f9b74461a7e75a76c158d3c6
SHA1

84ffb7f8de99240d909d5c9220946b221bfcfcb9
SHA256

847e56b436a82e4293705b5394675180b70264b90ad73ac36eb9e44b250dd6a9
SHA512

9847504e8f59be0ec3aefbf55acf0742a8aea7aa4eb1f622c56de3de5d6837e801bc4d9d1faaebea6fe0befb0dfd3baa5cce780e318f0496d29e8afc67580c9c
SSDEEP

3072:3nHXMpxcGxFyhQ0bOqYW6Qn6RuhCmICnACTIUAf9QnwhmHr:XHmGY/o0W6Q6R8CsnVTI4wh+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-DEVOCHKA.exe

Files

fe11fb85f9b74461a7e75a76c158d3c6_JaffaCakes118
.zip
GOLAYA-DEVOCHKA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ