2c91ea1694fceee67acaa8f564785121_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c91ea1694fceee67acaa8f564785121_JaffaCakes118
Size

260KB
MD5

2c91ea1694fceee67acaa8f564785121
SHA1

f3d7df43f9acebb928aba6429ff321c26020e725
SHA256

382839adb1c62526fa2eddd65e40c304b6cdb86df2880bd59765b97a05d2dc38
SHA512

63acb90ad5c6abf1f8c453a1802adaeeec62c3ab735235efdfce72ec4f54d014662ffc295bcd776046ee95033dd648b023e9c3d0615a60b75cab6d46a8f7d694
SSDEEP

6144:2+Z6V2rEyaGMq7Ozr2KLa99CCmM1Pr2S8KHJ0mt24nZ0:VCv6K29cCp98+wE0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/P0175ABS-CBN-Holdings.exe

Files

2c91ea1694fceee67acaa8f564785121_JaffaCakes118
.zip
P0175ABS-CBN-Holdings.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ