fd431c5a611bcd579ea5b6a5895ffbbf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd431c5a611bcd579ea5b6a5895ffbbf_JaffaCakes118
Size

840KB
MD5

fd431c5a611bcd579ea5b6a5895ffbbf
SHA1

d25e0760b49c648208e9bea8be32c8b25130d765
SHA256

40f64598ea5474156f785a9baf153e066c83cb52bb2caef41e001290d5b3c6b9
SHA512

8cb6edee91ad2393788baf1d8cd929d2ca0522a025eb496c4801d35e23298f67cca36a200a380b9bf268db3227c44848b76c7566bd64ad36c7bc5f64e44fda3d
SSDEEP

24576:Qk/2zlK/rRsdMXqFZl9gmnSOA+8H6hmNHy:lKLFfEOqHTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/CTM request ETA 30 July 2021.pdf.exe

Files

fd431c5a611bcd579ea5b6a5895ffbbf_JaffaCakes118
.eml
- http://www.dualcom.com.br
CTM request ETA 30 July 2021.pdf.arj
.rar
CTM request ETA 30 July 2021.pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 929KB - Virtual size: 928KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-1.txt
.html