Static task: static1
Behavioral task: behavioral1
Sample: bad912a0d07d345e9dc35334352022300581197520d702d0f922a1f4f5824ce6.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: bad912a0d07d345e9dc35334352022300581197520d702d0f922a1f4f5824ce6.exe
Resource: win10v2004-20240426-en
General
Target: 27bbe1ac76c0984f14719458c5ce8164_JaffaCakes118
Size: 225KB
MD5: 27bbe1ac76c0984f14719458c5ce8164
SHA1: 31884081443f10f665ef9d62e27ae540abd38329
SHA256: 1d1f0365576718fb2b93379e072ffbddfae01615293719c0cf0bef4ff3dc89c4
SHA512: 2ad150a775dc9d28a03fb9917ca3b8a510307c1a448f1271fe3d2a5df9e31cb54914a47047af8c75d6154c1b6ab2f7e205be117767e5382153779569b9b2e99e
SSDEEP: 6144:D+wVMXu9ul2/IX5kZXNYTK2frFrF7KooR+AfoSoXseIO4T0cvnS:6o0BBkFPKD7UoSo8eIS/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/bad912a0d07d345e9dc35334352022300581197520d702d0f922a1f4f5824ce6
Files
27bbe1ac76c0984f14719458c5ce8164_JaffaCakes118.zip
Password: infected
bad912a0d07d345e9dc35334352022300581197520d702d0f922a1f4f5824ce6.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 323KB - Virtual size: 322KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 16B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ