ce6a1e0304b0c6b5abcd38831555ed74_JaffaCakes118 | Triage

Sharing

General

Target

ce6a1e0304b0c6b5abcd38831555ed74_JaffaCakes118
Size

484KB
MD5

ce6a1e0304b0c6b5abcd38831555ed74
SHA1

f0d37d4dfa92e6d670efe484dfae612d69c83f81
SHA256

e04bab6675bd929c02c4b36ee8d4f4e9e29bc4653d1e52cf530cdcf8798c2d07
SHA512

7852da009a029d80cc54d5f4b37b9af8970e519fbb42285a1e422bbfb7ec2e367d8a9704559de43d85bbb58a7ab69dd5839f2a993e50f7a1c503213eb3142ec6
SSDEEP

12288:HM2WaPgptfrF90iflWckzpDQr3TZ6GAqv7bnKM2XZxZuE:H3YpzZcNlDQrjZJ2MQZ3p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XexTool.exe

Files

ce6a1e0304b0c6b5abcd38831555ed74_JaffaCakes118
.rar
XexTool.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 108KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 13KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
XexTool.txt
x360_imports.idc