8da478b2228bdd41966d8a08c75cb691_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8da478b2228bdd41966d8a08c75cb691_JaffaCakes118
Size

907KB
MD5

8da478b2228bdd41966d8a08c75cb691
SHA1

f75bf663ed4a08121f4a1ac030530f481d436657
SHA256

5e27210066fda8e7c4a957b716a2308edc012f6ee6ac6d4f0085c431782e1288
SHA512

28ca0baac5b36492f53a0b5669e31da8fc5eac1d97b7fec43030f8a22aca71201436ad7cdac89b5358b9d4f4bfa9d6fda559c310325991f50e76e1e76c437a36
SSDEEP

24576:nNzj4rbih/jQn1CnGQUYaWy0SDYVGFNSrWMindFInK:n54X0/jQ1CnGQUcSStrVionK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Liab.exe

Files

8da478b2228bdd41966d8a08c75cb691_JaffaCakes118
.zip
Liab.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

fU
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
autist.ani