0d0c721b636c5db5ff61332d97dbd191_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d0c721b636c5db5ff61332d97dbd191_JaffaCakes118
Size

560KB
MD5

0d0c721b636c5db5ff61332d97dbd191
SHA1

cdaf3ed8c62b547454c187f71fa2dac89ec61c4c
SHA256

57c8da856f9d28e20238f54c53dd5df9299e58c55c9d2aa43f173bc48dfcb895
SHA512

162d6aed4e4f05e65b4332459c9be05890a55c9689804e4c19857b01276a1cd36bfcca1692c8fc323b07a14f5ebe118ffa3639549d76d9cc353baf310d32b313
SSDEEP

12288:L78yRwV+1/ohg/qwI5SMZFH30ZKCF6BA772+u281:LtwV+ahjwI5pZFH3Cb6y7Tuj1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Payment ID - LJI001-2021-11-02 FEDERAL EQUIPMENT COMPANY.exe

Files

0d0c721b636c5db5ff61332d97dbd191_JaffaCakes118
.rar
Payment ID - LJI001-2021-11-02 FEDERAL EQUIPMENT COMPANY.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 576KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ