f33a247e26d6983b12c70d47e5117bee_JaffaCakes118 | Triage

Sharing

General

Target

f33a247e26d6983b12c70d47e5117bee_JaffaCakes118
Size

1.8MB
MD5

f33a247e26d6983b12c70d47e5117bee
SHA1

cdcd516b448b737d65ad0b10ecbf46c6cbdda060
SHA256

a9a4724beeb4463e0bda523131a8281bac10212b221f57452d2d7a06454634a6
SHA512

c19872c56203fcc0eaf3b8f3f9ab2ceaa78fb36fe1f57ec0aefc629781b66fb13daf095ee8ab5c776bf33e410a2fa6c943ae8cffcba74e82d50e0fd3d9f484e9
SSDEEP

24576:G5MI676DO9fx8Dgyfx8Dg9AW9/gOiEpvWnNwDZFSL:Gt676858Dgy58DgPoO1BWnCZU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/REQUEST FOR QUOTATION - PCIHBV2021MRP27220.exe

Files

f33a247e26d6983b12c70d47e5117bee_JaffaCakes118
.iso
out.iso
.iso
REQUEST FOR QUOTATION - PCIHBV2021MRP27220.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ