xtremerat | 2feebfedf6e2580cdc9f1d8704a0a655_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2feebfedf6e2580cdc9f1d8704a0a655_JaffaCakes118
Size

44KB
MD5

2feebfedf6e2580cdc9f1d8704a0a655
SHA1

9a427f1fb65885a2cf561bddb424e58c408ab079
SHA256

2c1127d215a9cba5bfda713d1e72020397c5b854d9b4ce6a1e537e69c1385bbf
SHA512

1c6ac0936cf85e708508fb9b58f492af0b7f14b67d7d2fb00ce279355de05c304b14483cc763888d78efd20d10ef15acffd19831284fbd36d8d87000d195dd20
SSDEEP

768:rBr+tjFqTPkAlfzto1lr6an3smrA8uvm2zfOTwYPIkzoiQ:FyRUHlre1lr6an3rLuvm2LuQkoiQ

Score

10^/10

xtremerat

Malware Config

Signatures

Xtremerat family
xtremerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2feebfedf6e2580cdc9f1d8704a0a655_JaffaCakes118

Files

2feebfedf6e2580cdc9f1d8704a0a655_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ