1199d6b3ce577b7a69ad507cf36a7d8b_JaffaCakes118 | Triage

Sharing

General

Target

1199d6b3ce577b7a69ad507cf36a7d8b_JaffaCakes118
Size

812KB
MD5

1199d6b3ce577b7a69ad507cf36a7d8b
SHA1

9fcee8476a3068660ef769e343addbf6aeef0ea4
SHA256

2fe76f953de7338f202e10237e3a43639663429dde38d3a69c1c577ccdc61d2a
SHA512

f4a5c82766ca0b5a482abcd8f254e2dfe6391dedacb04f8316d6c3c97e7e2e1bcfceff6c325d2956c3c40522aca63b5b2eb732faed41bf5658740bf3bb44ccf2
SSDEEP

12288:hXLalRJN4sKRuqo8+mZTuDeoAlxbKrGxb+j3vJEu1qGiXxAsVPKcabqWjwfY7:62sKonmtu2xbKSQhbjaB1akA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/New Order.exe

Files

1199d6b3ce577b7a69ad507cf36a7d8b_JaffaCakes118
.zip
New Order.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 850KB - Virtual size: 849KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ