4286e12a3e24d185addc75eaccc631a0_JaffaCakes118 | Triage

Sharing

General

Target

4286e12a3e24d185addc75eaccc631a0_JaffaCakes118
Size

229KB
MD5

4286e12a3e24d185addc75eaccc631a0
SHA1

26276a65997ab3ce53de4bd9ab67cdfde3ab2881
SHA256

7e5808daa972d856696cec4f73eb47f9ad1138631d8b3bf8db3869c7781aa29b
SHA512

a54a2f1a70d1c42439c7b659fe89ab92eab45c81f87cad6d5e11140ebcdfa4acd4a36cc70c370726c41a733f28c857511b6b1b4bb9acb4d4864a5955efa3f5db
SSDEEP

6144:/bXaJcwKINhUTSUhb5NTyv4SPYPsPCjjmkMYUCEJCq2Ye:/bScwKDSinWv3gPsqjj8zLJpe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Qoutation for April and Company Profile_PDF.exe

Files

4286e12a3e24d185addc75eaccc631a0_JaffaCakes118
.cab
Qoutation for April and Company Profile_PDF.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ