f79654707fe61191d989632e924e8e1c_JaffaCakes118 | Triage

Sharing

General

Target

f79654707fe61191d989632e924e8e1c_JaffaCakes118
Size

714KB
MD5

f79654707fe61191d989632e924e8e1c
SHA1

3541efce30801d58bcf6fd1f17b3e6dea7683fd5
SHA256

c01319e969a567a2494e73bfb5179f75a9dc6a0bfb7e0ac56250dc90a72e8959
SHA512

adfd67b6f3784e08c1465629f0345517c62196c4420424ac0a0ef6a66fc5487946925d254df7f3f373953e4d6a9b74c941253256feb34e5521a85e7d9f612a47
SSDEEP

12288:hS+2IG6xzw7Swi1GqPBHz2IyRjqbfIE/BDBrAbwpzNJjLzU4jxu6LJmVmQ9Bqj27:f2IGXSzNHaVRjU5uezX4Ixu6LkQQhRZl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/243d713a5124eb1bb3b1ee2e70c7a404d531da84c68bbfa5a838b092a1058a7a

Files

f79654707fe61191d989632e924e8e1c_JaffaCakes118
.zip

Password: infected
243d713a5124eb1bb3b1ee2e70c7a404d531da84c68bbfa5a838b092a1058a7a
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 824KB - Virtual size: 823KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ