afeac935741f76e212999a88386d1394_JaffaCakes118 | Triage

Sharing

General

Target

afeac935741f76e212999a88386d1394_JaffaCakes118
Size

489KB
MD5

afeac935741f76e212999a88386d1394
SHA1

79a21c65d9ddc41694387d97fda19ded601145e5
SHA256

ea84f4dc91ed8d180a74627b7ceca6e1b2e344ed653c0f05037682547b29cfdd
SHA512

cec68fe7173d0c20f0ee6733b6eceed1357fb4855822e77d6b09255355805619de6027dde4cfc42ed6980c68ea87a24823e0219b6989c30228deb6e1ed29a306
SSDEEP

12288:thl2tDU50N1yYSQ/r8J6MvJttcjFGlOt5Ohn1XI95Vax:fl2FN1u9nqFr+A95Vax

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/INV 493178246.exe

Files

afeac935741f76e212999a88386d1394_JaffaCakes118
.eml
INV 49317824.7z
.7z
INV 493178246.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 515KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
email-plain-1.txt