xtremerat | a56bce337090724acfb239e5fef18f88_JaffaCakes118 | Triage

Sharing

General

Target

a56bce337090724acfb239e5fef18f88_JaffaCakes118
Size

44KB
MD5

a56bce337090724acfb239e5fef18f88
SHA1

b8fbbb621658ce1945f2a2a688ea2df8b52873aa
SHA256

30254bdef875a3a21897d6ecd8845f005721ab6dcf7fe05a17b9fa2dfd1731d5
SHA512

9b1bd8a92712e37bfcd2fb4cfbf51b74ed4e35022c61c3b3e150c285eda090f40c74488b57bc58e6368a6590f2b326b9a663146fc3e3f147c18c1e24b7e8067e
SSDEEP

768:rBr+tjFqTPkAlfztB1lr6anXsmTg8uvm2jfOTwYPI+zoJ1L:FyRUHlrL1lr6anXTruvm27uQCozL

Score

10^/10

xtremerat

Malware Config

Signatures

Xtremerat family
xtremerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a56bce337090724acfb239e5fef18f88_JaffaCakes118

Files

a56bce337090724acfb239e5fef18f88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ