80412621ce68fb44bafea521df758682_JaffaCakes118 | Triage

Sharing

General

Target

80412621ce68fb44bafea521df758682_JaffaCakes118
Size

139KB
MD5

80412621ce68fb44bafea521df758682
SHA1

e1594c76d2004a82cc1b4b9a1c3ef91e6cc2a83a
SHA256

15ac3e1e72396a1633a29f848569f0c3f6b0781ae5b4c41bd068f617500c4da7
SHA512

b8f4995b4e544d239238be3c051276364f4c8605936b529c2c57d32559f9c7d09c33a7ebb56cf8f71870ea08d8be67908998280c74401c4fc565d51851cc81fe
SSDEEP

3072:lAXzGZgYrxTJtVuvDqIFYrr/UU/bWMcw99gFAhtaIVgu/Yls:lAcRrRJavmsBaGc9lt5gVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8.exe

Files

80412621ce68fb44bafea521df758682_JaffaCakes118
.zip

Password: infected
8.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ