6c02710a77793c2cbbe772297dd6a16b_JaffaCakes118 | Triage

Sharing

General

Target

6c02710a77793c2cbbe772297dd6a16b_JaffaCakes118
Size

566KB
MD5

6c02710a77793c2cbbe772297dd6a16b
SHA1

506edf76be43036ff202e47f060bae6ad406b110
SHA256

0fd074d5c884fa43b879d5611936d497ddfbff034580f1b4cf35ecf99151b5b1
SHA512

9d2f3cc997b8d149ee80c10ab4bec614428238f0b494e2ebd852f273bb75e4406d6024c02491040a7b57eb022123c4d7cca20af8f31a5b263c0b5a59d707fbcd
SSDEEP

12288:WxEk87ebCQ2wUpRSs5YtU54liluVJ8Z0famD:wrCQ2wUpRSs+akFVaZ0fai

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/MedWingNT_04_TT TP012080202014404 pdf .exe

Files

6c02710a77793c2cbbe772297dd6a16b_JaffaCakes118
.ace
out.ace
.ace
MedWingNT_04_TT TP012080202014404 pdf .exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 638KB - Virtual size: 638KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ