767d54f875bc1a99feeff520878d75d5_JaffaCakes118 | Triage

Sharing

General

Target

767d54f875bc1a99feeff520878d75d5_JaffaCakes118
Size

382KB
MD5

767d54f875bc1a99feeff520878d75d5
SHA1

4d20d84de27849ff7314e952647b1aa9efaa3fd5
SHA256

549c5003e4995f4b45e81bc73ac85cc7050207f8ea7b78324ce8f38439d85abd
SHA512

df9ce35f48d14af6d32600c15f57ca6a9dbcfc98a1092bbc76fcc9a87452fe0506da446b281a18dfbda158c37ee3cb3aebe19eee18361fc9a7ad71f474ed9ced
SSDEEP

6144:oKcma9n3uAyWkkPy/lCZYa1VWPyZ4Jacp6W6ZEdXxkso1VoFM40A+DJC+VzdlqRn:omS+AyWxca1Ikcp6WyEpxg1VoFM409V8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/craagle18/Craagle.exe

Files

767d54f875bc1a99feeff520878d75d5_JaffaCakes118
.rar
craagle18/Craagle.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
craagle18/Craagle.ini
craagle18/YouKing.nfo
craagle18/plik pobrano ze strony seriko.pl.URL