f5de07df672e6993e6a376ca7a6b3cc7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5de07df672e6993e6a376ca7a6b3cc7_JaffaCakes118
Size

2.1MB
MD5

f5de07df672e6993e6a376ca7a6b3cc7
SHA1

299fde8262f0fca0dd11933efae46bc2601de3fe
SHA256

204d89ca137ff135f59aef886e91d740644af5afd17c4336dff337840a817232
SHA512

c9edfc27daf3262069c7c4ce18002d14fd07c47e4911c35d4e9a91ca956a8b74bf0e2e2350068ffd8c8ed45175a255a1106383f5dfc972c0afc25db5c2071978
SSDEEP

49152:QwEvk+9ZcV1dos8yEu/BFPjPrFCSLf3CSgM3GPYvIcrIEIi:Qwak+/0CW//LPl73CXOGQvPrP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/scribbler/setup.exe

Files

f5de07df672e6993e6a376ca7a6b3cc7_JaffaCakes118
.rar
scribbler/license.txt
scribbler/setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
scribbler/下载说明.htm
.html .js polyglot