f4d0dd18f720309bf1601ae7c47f4b49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4d0dd18f720309bf1601ae7c47f4b49_JaffaCakes118
Size

809KB
MD5

f4d0dd18f720309bf1601ae7c47f4b49
SHA1

ba4e6100cfaa6611e8fd050f7813b6c17e0ef221
SHA256

a97308273ca6478348fcd484fc1488998c5ce6e08f062dbd9efa1d01f746e4b3
SHA512

7711b467b9d0203bbf0ac842afbe8f146cdd81ca4454b1d5542d57113a7ba483141270034b035a7a3b55582d875f540c2d2cfba7c865adba3e774b409c2b133a
SSDEEP

12288:PhY11zdktvUcYNeBpGGYD/FmlBvzp77biw/Q2u1nFnJN9ten0RtfNbIp4brHGnC:pCeBpHYD/Fmd/Q2uFn3NRtVxXHGnC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/EUI89454BU4673.exe

Files

f4d0dd18f720309bf1601ae7c47f4b49_JaffaCakes118
.eml
- http://www.uba.ar/internacionales/index.php?lang=en
- http://www.facebook.com/univerzitet.u.beogradu
- http://twitter.com/#!/Univerzitet_BG
- http://plus.google.com/114595110505851338750/posts
- http://www.linkedin.com/company/university-of-belgrade
- http://www.youtube.com/univerzitetubeogradu
EUI89454BU4673.zip
.zip
EUI89454BU4673.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-1.txt
.html