bd375fad5d1cbe232bbe139ea22c2e18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd375fad5d1cbe232bbe139ea22c2e18_JaffaCakes118
Size

1.9MB
MD5

bd375fad5d1cbe232bbe139ea22c2e18
SHA1

743cccfe5797ebc0b1435779a0f61a46837beebc
SHA256

d17aed6a43effbb2a1fde5a50bada7545fd0f1c4bd5b3ea9dd7e3dfb8bceead6
SHA512

dbaf7968cbaecbafd3344b1aa4d08a5d6ddddd507723c66f40f80989d102a6c45ce5612b9e2ab74601d4f3a181ee3a4309392762983ee95c2a8db22e07e4b529
SSDEEP

49152:CEutzfsCG5HDzFg83N5o9MaTMuZMDP+//Y0g:gzECG5HNg83NxKmD2/gT

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd375fad5d1cbe232bbe139ea22c2e18_JaffaCakes118

Files

bd375fad5d1cbe232bbe139ea22c2e18_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 618KB - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ