00b457361d158a0b0ed19621ef8007d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00b457361d158a0b0ed19621ef8007d8_JaffaCakes118
Size

1.5MB
MD5

00b457361d158a0b0ed19621ef8007d8
SHA1

8cb2f56c96e183635c44a88affba0d6bff59af24
SHA256

7544feaeb7177b76c1cbffe800afb0f8877a0db9b300928b50c559b26b35319e
SHA512

dd40da65c504837f61b2dede6d289852e2047d0bea95bd06024e3a88a05bd2c10f735fe1beba71712eb71e303113761f0e49104b88bb9bb3685a36842bfc4a07
SSDEEP

24576:BmocG3s8Fls+RZsTWBWfncF/s24kDbJV3:BVFls+IKBp4kDr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00b457361d158a0b0ed19621ef8007d8_JaffaCakes118

Files

00b457361d158a0b0ed19621ef8007d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 700KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 4KB - Virtual size: 31B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

OGRE2.01
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE