31329031f337e85c0e33a89818861a22_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31329031f337e85c0e33a89818861a22_JaffaCakes118
Size

28KB
MD5

31329031f337e85c0e33a89818861a22
SHA1

ea548503c77afee365707c5a0ff388ac8c8d3cfa
SHA256

2357baf1de9b3db71ce84a7cb0f9428d35636ee84cdf9c587fbf48600458a894
SHA512

f80cd2d5f0446a66fe3431157bafe3054a2d992a7232f0e6481eeefc1dff53677d3ea46d4eeac173f2c31d770cdbe25c40b404f2493ed13e201be3a83042ac91
SSDEEP

768:hPA6lQRud5gRx/HI4Q2CFTlqshoODbcVjcCe:hPzGud5gDHCIOH

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/EXAMPLES/SAMPLER/SAMPLES/0001.EXE
unpack001/EXAMPLES/SAMPLER/SAMPLES/X001.EXE

Files

31329031f337e85c0e33a89818861a22_JaffaCakes118
.zip
EXAMPLES/EXPERT/EXPERT.ASM
EXAMPLES/EXPERT/EXPERT.DEF
EXAMPLES/EXPERT/MAKE.BAT
EXAMPLES/SAMPLER/DROPPER.INC
EXAMPLES/SAMPLER/EXEHDR.INC
EXAMPLES/SAMPLER/FILEIO.INC
EXAMPLES/SAMPLER/MAKE.BAT
EXAMPLES/SAMPLER/SAMPLER.ASM
EXAMPLES/SAMPLER/SAMPLES/!-GO.BAT
EXAMPLES/SAMPLER/SAMPLES/0001.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
EXAMPLES/SAMPLER/SAMPLES/X001.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
FILE_ID.DIZ
KME32/KME32.INC
KME32/KME32.INT
KME32/TODO
Z0MBIE.NFO
Z0MBIE.PGP
ZMORPH.HTM
.html