7f20b9bb18ae8aa423669c9ba0fb6809_JaffaCakes118

General

Target

7f20b9bb18ae8aa423669c9ba0fb6809_JaffaCakes118
Size

801KB
MD5

7f20b9bb18ae8aa423669c9ba0fb6809
SHA1

a1be670034898ae411ecf13e08dd15e23b5bd208
SHA256

e7a7261ea1e2fad587750d73d594cd9692e8e854e2b6b778f24a1d8bdc552f76
SHA512

33a42f751acfcff958486df42d5ff56a95b768fc03b6f73979b86595020cc6fdc77d4e94a6548ec12eeed160fa424eb730c36eb95b3ad778db2246fc02c769a7
SSDEEP

12288:2K1El3BIVWZgn0Ggbj2Pukf8b4gpsIS8ahsNQhdGjuy9SMcH8Qz+:NWLCb0PjM0OuWCjuy9vm

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Einzahlungsschein.exe

7f20b9bb18ae8aa423669c9ba0fb6809_JaffaCakes118
.msg
- http://auto-schneider.com
- http://uk.vector.com
Einzahlungsschein.iso
.iso
Einzahlungsschein.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 495KB - Virtual size: 495KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ