b152dedc581b35b8f812f7f6c8a8d7eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b152dedc581b35b8f812f7f6c8a8d7eb_JaffaCakes118
Size

5.0MB
MD5

b152dedc581b35b8f812f7f6c8a8d7eb
SHA1

8bca0694280306c4fc6601f0020b3a62c4149b70
SHA256

5605c9f103ed7ccf85366f58c3136a449724e093b520bdd7bfcf57017a325342
SHA512

6401bdfc1a1b21819dd604a120877f08d24c347bd407c014e39422e5a78030d20712d1630f481060897b752e6ebee271256353d32cf7a8158bc73a0902cbdad7
SSDEEP

98304:snJl4cwJ5aYYuiNC8H/EKF5a85MmoxXOBJcNeYqBn8F+iT5RV/ZN8x/Dvt:sJlCCYwC8HX5MmoxXpNe4vBs1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sample

Files

b152dedc581b35b8f812f7f6c8a8d7eb_JaffaCakes118
.bz2
sample
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\ss\data\bin\client.pdb

Sections

.text
Size: 4.1MB - Virtual size: 16.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 956KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 792KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dcy
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Silvana
Size: 4KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE