6ee6522438ea4c91c4f065f10ea7c0c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ee6522438ea4c91c4f065f10ea7c0c9_JaffaCakes118
Size

2.8MB
MD5

6ee6522438ea4c91c4f065f10ea7c0c9
SHA1

a4e49449689d76892712fa0ff1296658759345b5
SHA256

3a5b0a09585edcc762d8f6ae3a172fb4d518f5dc0402aedba5c0142095d7d212
SHA512

3d7763a94cd802fe1a78115ea2a160fc0053bcb3261f880816306ee22822d53f387e44aa09a624d2f68682913170d151ec616c5e3b95196b26a3dece7ee61e35
SSDEEP

49152:0+98TEpOlfEDNf+LUJExoPxh7JG63Y3+4dLyti07wN:0uOFEV+AUoD7JGaYnCrK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Guns Gore and Cannoli.EXE

Files

6ee6522438ea4c91c4f065f10ea7c0c9_JaffaCakes118
.rar
Guns Gore and Cannoli.EXE
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 9.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE