1bcad23e299f24671a1c724167a13ff8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bcad23e299f24671a1c724167a13ff8_JaffaCakes118
Size

340KB
MD5

1bcad23e299f24671a1c724167a13ff8
SHA1

08ca7a36ea1ac1d3b7acfbc5dbd114ca1c4215ec
SHA256

d6bbb432791ad5c64ff4980c80112612977a310ef922f8e084f838076bee7012
SHA512

0c0c94aa9da18d4c92075c53e4b6a95ebcde9074ef963b043cb3cf594216b3a46005edd9cd8183ddc984a170861f7b97800183a1a8c3a29ad6738bce052277d8
SSDEEP

6144:VS81FFnqHy6Sm7WiH6xhISRiul8YA5UrTNKnkBSj7YtWnqrNmuV7XMUS:91FFnQjjax7F59yfqrNmuVX3S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MagicTree.exe

Files

1bcad23e299f24671a1c724167a13ff8_JaffaCakes118
.zip
MagicTree.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ