b08d1f329a70136ab202a8337c34c5ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b08d1f329a70136ab202a8337c34c5ae_JaffaCakes118
Size

27KB
MD5

b08d1f329a70136ab202a8337c34c5ae
SHA1

b8e541911f716c8ffbefb729a27c0a86223fa68a
SHA256

e74848f35661d31ae5bfe2534b8e35dba51cd1bddfe8af85fcf67d38b10bfc3d
SHA512

fab1e67e9c12e2ee45803898a0673fc6648bd41cafae8fb1fba346a25094995b2548779565f46d06e9a79d8d984b1523c00de96d5f722bfcfc272c0f8de6e63a
SSDEEP

768:D3ayS6T56o3ZB0ukavzUNrV/4XMot3SmcWlJkwMUH70WG:LaT6T5PpB0/abUNx4XMKSmXlJJ0B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Win-Err.exe

Files

b08d1f329a70136ab202a8337c34c5ae_JaffaCakes118
.zip
FILE_ID.DIZ
OE.EXE
Win-Err.exe
.exe windows:4 windows x86 arch:x86

bdbea5b77df0f65aee8d3f9bbbd22849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

vb40032

ord685
ord100
ord187
ord186
ord199
ord595
ord600
ord610

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinErr.doc
.doc windows office2003
order.txt