remcos | 109f178939666209f337edcb7095996d_JaffaCakes118 | Triage

Sharing

General

Target

109f178939666209f337edcb7095996d_JaffaCakes118
Size

373KB
MD5

109f178939666209f337edcb7095996d
SHA1

a30d845117319e60679a0048a3f32fc90ceedd6c
SHA256

728032fc2156262ac444ba35b41678412fe7d95ee7abcf794169e1223cf340db
SHA512

d4127bf090a4e58fbac1a08e6d6a936b06948f3ff01a5e1796ac3c9fdb24f31ffe271eba5626323044cb55d2900f293609ae03c3664357dda7c309ba5ff0d79d
SSDEEP

6144:6dg5n5DJJL7XJAnY7yo0nqsJ445mgy+sk8VAX8dN4pq:VnnJHX+nO8hJB5mKD8Z1

Score

10^/10

remcos

Malware Config

Signatures

Remcos family
remcos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109f178939666209f337edcb7095996d_JaffaCakes118

Files

109f178939666209f337edcb7095996d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xud
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ