17ac9f4c13b3928b14bee5b929ea2ad6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17ac9f4c13b3928b14bee5b929ea2ad6_JaffaCakes118
Size

1.0MB
MD5

17ac9f4c13b3928b14bee5b929ea2ad6
SHA1

8d52b9f5d8f6cdddd4f424f52d7236b94cc7ca9a
SHA256

cf3a440c53093fa992f135ca1ae1eb2cb418ce0771c72e10a8e0f2f7f25a8213
SHA512

641a79743052d0ac183b9a7f6238ecfa0318e86fa54072c15282ed4326be76392d38156bfd5ce714178bd824a229729e1a9461e9ac420941d2238af7ca12b1eb
SSDEEP

24576:yds1yVhz2hwoxNlVWDQ5LGebDUkwyP1growjp1uKTiqvp:CTVhz26oxAYzP1KownN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/setup.exe

Files

17ac9f4c13b3928b14bee5b929ea2ad6_JaffaCakes118
.zip
faq.nfo
setup.exe
.exe windows:5 windows x86 arch:x86

baf971b693b3da05731290e17c065d34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue

Sections

olmwizwt
Size: 257KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gandyayl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

elrtfxsi
Size: 739KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hpwyyjvv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE