a976a0624a39f3a78a56d97710d6b050_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a976a0624a39f3a78a56d97710d6b050_JaffaCakes118
Size

835KB
MD5

a976a0624a39f3a78a56d97710d6b050
SHA1

5f027db3c75cc1ef1ec1dc88af68e3f5ae8e4467
SHA256

1b7cef0d0aa6f9368f30ece1cef724c4d6c104c01b6775f52892994fc761b527
SHA512

6af3ca8805e38ce815816ce9487bb2f02ab71a9fd7398b82655b91c9cebe0e183b9bf2461f41d04baf8d8bd6a12cb4737e15539b38c08d4ec89141670d563645
SSDEEP

24576:Qt32oFMrmrInRdEmOwxi7GVXDd4jKcMb+ph:Qt32oFMmryp/Jdd+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/lxz20091015.exe

Files

a976a0624a39f3a78a56d97710d6b050_JaffaCakes118
.rar
lxz20091015.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 849KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE