325faf7c3bed9e16db1e8cbcee3b74cc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

325faf7c3bed9e16db1e8cbcee3b74cc_JaffaCakes118
Size

428KB
MD5

325faf7c3bed9e16db1e8cbcee3b74cc
SHA1

a85e8ac34d271c3f008270df95c4030845d13caf
SHA256

8ffbc56be4fac3dd43c8279b7f3238060ea054cde2be82a1e1d86b595cab30dd
SHA512

6d60a300af71f9d91b76e0145cd6964636662565e7d7080108643a803639137b1a6ffce387ddb59e7f1f082686a2021b88dc640ea36c5d9f2411a9c8835f0540
SSDEEP

12288:EgYNksTCnf7/aCm0tjCBue7u1pZ6F7qo1iSw7gjc86lraB:Eg08fLaCjj7bqcootgoXZaB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/resco keygen.exe

Files

325faf7c3bed9e16db1e8cbcee3b74cc_JaffaCakes118
.zip
Installer.CAB
.cab
0000cour.005
000Setup.999
0RViewer.008
Explorer.007
RCRYPT~1.009
RESCOP~1.006
REXPLO~1.001
.html
REXPLO~1.002
.gif
RFILES~1.010
RVIEWE~1.003
.gif
RVIEWE~2.004
.gif
RZIPSH~1.011
_setup.xml
Read Me.txt
resco keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

ckig
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ehpo
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE