eb28b497e124b2be589efb99f74a936c_JaffaCakes118 | Triage

Sharing

General

Target

eb28b497e124b2be589efb99f74a936c_JaffaCakes118
Size

2.0MB
MD5

eb28b497e124b2be589efb99f74a936c
SHA1

202bfe3957c8a7571966c66806006942b95a669b
SHA256

a7395353081ee0eec72fde17588572abbe480a87fe1a0957162c646d97b7d19c
SHA512

9a8332dead2658673061790d2edd879b68479667439d88a1f8e53f5f0141ea1fdd126772ef82b6a329bfe96d4e1cdab5fe787dd5ac4c5bf3482d3eb966206ff1
SSDEEP

49152:SLxORYoEBZOjmvCG2QDxkh++W+8zn0j+3LNzpu2+ONhHjMoO72f:lFAoG2mkh++V/ku23bHwoO72f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Re-Loader Activator 3.0 2/[email protected]

Files

eb28b497e124b2be589efb99f74a936c_JaffaCakes118
.rar
Re-Loader Activator 3.0 2/Info.txt
Re-Loader Activator 3.0 2/[email protected]
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Re-Loader Activator 3.0 2/Readme/Leggimi.txt
Re-Loader Activator 3.0 2/Readme/Lisezmoi.txt
Re-Loader Activator 3.0 2/Readme/Readme.txt
Re-Loader Activator 3.0 2/Readme/自述.txt
Re-Loader Activator 3.0 2/SetupComplete.cmd