17a7fadae74b86c509a54052f953e4da_JaffaCakes118 | Triage

Sharing

General

Target

17a7fadae74b86c509a54052f953e4da_JaffaCakes118
Size

517KB
MD5

17a7fadae74b86c509a54052f953e4da
SHA1

5b0fdc187fdb5c0f66b81fc1aafca66965c8ce6b
SHA256

a160642ccf07ca3f837ed3070d3790a5bf3eada0efd95a9d4403d23a96a0b6bd
SHA512

e5e93c7f7e8cb6cb4350309acf59432dd2a8b07c4ce542ef5661d6cd776a73b2ac778caf271a1310f1af39ed11e472748d28b041516631bbab6dd02a54b7e249
SSDEEP

12288:Yh3yc6NUIiPzMe0KbVlYwaC0rJ00T/knMrpBhw6:YNyxiPfJKwaC0rq0jAMr/+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1 Tera HD-250Qty.exe

Files

17a7fadae74b86c509a54052f953e4da_JaffaCakes118
.cab
1 Tera HD-250Qty.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ