2b0994c0b26d7d0a6c59d75cab14a325_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b0994c0b26d7d0a6c59d75cab14a325_JaffaCakes118
Size

152KB
MD5

2b0994c0b26d7d0a6c59d75cab14a325
SHA1

fd241b257d3915687f6b490f754308e5194b94b1
SHA256

43befd199ffa4a2465200df69ffab352a2722085d3cddcaabf06f47007979b63
SHA512

c086cae7ecdc940203b1970a87256e8da8b8b1dd7a0ec0f4cea11d034de98f17795c7568a7fc95bde4c1648f3b71915c22a5ab87c3e6377694746461421300a8
SSDEEP

3072:1ohKuJF9qTfh+tDQM9WjPviHmi4jQU+4RnK11woWbAFwImuAgsRDZpc0+zXA1Qb:MDJbqTfh+d1Hmj+oK1ob7VRDZm1zQ1O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BUTTONS.EXE

Files

2b0994c0b26d7d0a6c59d75cab14a325_JaffaCakes118
.zip
BUTTONS.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PRIMA_CLICCA_QUI.html
.html