amadey | JaffaCakes118_7a1eb83c07b3afdd34bc43a37d73935b3201b83712fae8456c2a826c49df73ae | Triage

Sharing

General

Target

JaffaCakes118_7a1eb83c07b3afdd34bc43a37d73935b3201b83712fae8456c2a826c49df73ae
Size

480KB
MD5

52d3a4ced254c297df9a237a5d0c0ed1
SHA1

2b030c65b5ce5acf12a93cf46b12182f03deda47
SHA256

7a1eb83c07b3afdd34bc43a37d73935b3201b83712fae8456c2a826c49df73ae
SHA512

f4d1447872757c5130dc99b4205aafa90bba3544459e0b6d1958eba9efa8a96cc0cbb7b081decb9a20ad2b903f98739a288bec735b028d86a471967213756597
SSDEEP

6144:9dN1WQjmqwwao/5YmM9aiMqwWJu98tsQ0S1fmIHgL:9pjVZao/WZ0ivwWJu98tLx

Score

10^/10

amadey

Malware Config

Signatures

Amadey family
amadey

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7a1eb83c07b3afdd34bc43a37d73935b3201b83712fae8456c2a826c49df73ae

Files

JaffaCakes118_7a1eb83c07b3afdd34bc43a37d73935b3201b83712fae8456c2a826c49df73ae
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ