e275cbb72509b1252c7d5cb4e71f1de6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e275cbb72509b1252c7d5cb4e71f1de6_JaffaCakes118
Size

988KB
MD5

e275cbb72509b1252c7d5cb4e71f1de6
SHA1

63006aba17076e5741325f86cd798e70636b74d7
SHA256

b7ca1eb0a0b79d82eb7dfa890da0da2d139db32e5a4c25fe74aa18dee4e7cdab
SHA512

5c8af4fc9640c957aa79982cab7178403b74b9875152fce2b5749187ede57a436b0539f9562fa0545da48f2a05156fec103f346ad29d50c5021802c633910da7
SSDEEP

24576:F6uCVfMt2Ff5WDAN7lOSDGuAB90TAx3ccJonAhX6KVxAL:FtJCxWDsRcW6Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack003/factura 97897.exe

Files

e275cbb72509b1252c7d5cb4e71f1de6_JaffaCakes118
.eml
email-plain-1.txt
factura 97897.tar.gz
.gz
factura 97897.tar
.tar
factura 97897.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\HP\AppData\Roaming\Yonetim\obj\Debug\Eczane Yönetim Sistemi.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 858KB - Virtual size: 857KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ