2eab88f8706d8d1a26bad4315d8bcf07_JaffaCakes118 | Triage

Sharing

General

Target

2eab88f8706d8d1a26bad4315d8bcf07_JaffaCakes118
Size

558KB
MD5

2eab88f8706d8d1a26bad4315d8bcf07
SHA1

74892d10209c70707d3319a5702988099faed624
SHA256

f56373771af169b70e7d821474f78b5a9cfee750f57fc54f4cdb3f52f102f008
SHA512

f26b9570b9e355ffc47fc1aec3708a20d0d9e3cca53f93e5e1b9c416ce42ac4206292f212e86237f60f8a8449fa324a9edd130cc2ec0137a0b679289ff4d0e87
SSDEEP

12288:uYBloq/aveamHrYljyQ842DkRRe68KPSVFH:/no+av3mchyQ92ARRH8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Purchase Order.exe

Files

2eab88f8706d8d1a26bad4315d8bcf07_JaffaCakes118
.gz
Purchase Order.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 648KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ