09843806c38321ee55c084b56f04d13c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09843806c38321ee55c084b56f04d13c_JaffaCakes118
Size

189KB
MD5

09843806c38321ee55c084b56f04d13c
SHA1

fbaac70aceac03fe9dc228009496226d88e9369a
SHA256

16f8245520e1f00e1d9422ba7ce657b7c83d0532c33b92bdbd0948053f935796
SHA512

e79211a7f55532e31a14ab93b817d65fab6e14d868b34cdd7dcff708afa4f19cc20576b23f655568c2d5d37745d41075e40ac49742ee8297f5385410bb76114a
SSDEEP

3072:L3L2WYLmm5gQ9HLatvxQjE8OXLANPHEp7TkWOT/mFoSG8V97nQCUPn0SRALaVqpv:L3KDLZ5gQ9HLaN8O7Ahk0TxSGK9kCoUN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dc7f80c98e929472082c7df2137b6051d62ed751df19647efb9edcb72220bc87_Microsft update.exe

Files

09843806c38321ee55c084b56f04d13c_JaffaCakes118
.zip

Password: infected
dc7f80c98e929472082c7df2137b6051d62ed751df19647efb9edcb72220bc87_Microsft update.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ