186aa0d581e549b99065a1baa1451b50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

186aa0d581e549b99065a1baa1451b50_JaffaCakes118
Size

434KB
MD5

186aa0d581e549b99065a1baa1451b50
SHA1

c9e0bcfce7dcf7a3db48c8063d7818ba985676c5
SHA256

0097beb8f038184e70849d25cfa17803ae805590c1710f961c33da5221c1ded9
SHA512

776e92f1b80f841e601cabbd9691a39ed73540e0faf14248264e3686c5c7dfa5aaa21f9a067a79a583514f9e7220e6bd7037d14d8983e8c192715bbc32469026
SSDEEP

6144:OaHh3KUNJPROP9Dc5mF65sHDsQPM6yk3IH12zrntR8xKcj0PCIIJsl:HB3xJpOyxaEAK2X38xKy06Wl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HTTP_ICQ_Sniffer/HTTP & ICQ Sniffer.exe

Files

186aa0d581e549b99065a1baa1451b50_JaffaCakes118
.zip
HTTP_ICQ_Sniffer/HTTP & ICQ Sniffer.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 736KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HTTP_ICQ_Sniffer/readme.txt
HTTP_ICQ_Sniffer/www.chaser.front.ru.txt
HTTP_ICQ_Sniffer/www.chaser.front.ru.url