8c5d5111bb665a59483ad1a93b2544f8_JaffaCakes118 | Triage

Sharing

General

Target

8c5d5111bb665a59483ad1a93b2544f8_JaffaCakes118
Size

245KB
MD5

8c5d5111bb665a59483ad1a93b2544f8
SHA1

114146c582ba0b8b75d96d3b63f883eda1b22780
SHA256

d51eb6b4f29baee5535b5fbb4956778a6d29124dc430ff754dc5fa0710ca9f30
SHA512

97baf867922a2bc14ef815a6e17ce2402f9079d56adc6cf78246833ab6782b2543eb500be8d7f6a5a897cb1e3774f8af01a524e583ee43fe00d3500426b311cf
SSDEEP

3072:Y6m4pULYibKvmcibtnXtIyddbrZpmqVgq/GFhzg34/tppx7VdPh/Wo332bqIzq1i:Y6iLYiKibZXqqH3Yrpx75/W43+nvp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/NEWQUOTATION#83738_071618sampleproduction_xlxs.exe

Files

8c5d5111bb665a59483ad1a93b2544f8_JaffaCakes118
.rar
NEWQUOTATION#83738_071618sampleproduction_xlxs.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ZVFYOv4FXvyOiRH8.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ