24265430eaae7752de58d9804a591a00_JaffaCakes118 | Triage

Sharing

General

Target

24265430eaae7752de58d9804a591a00_JaffaCakes118
Size

850KB
MD5

24265430eaae7752de58d9804a591a00
SHA1

aba4fe5105387e1d38d70fb4f8dd552091a2461e
SHA256

f802b546f625a38f59067e321db1fda69f28c5a91974f7ba7ebf37360ca37cc9
SHA512

9ba9e4ea6495a996b36d37e7486ed4240ba445ecac41d5d2750b390e87ba98a75efcdfbdc89430dc974e1db669589151dc7df18ad66ba52873196fcb7bf8f53a
SSDEEP

12288:nUhGT/f7DSvWN1JuigLYVlaf+dhKeVnVBAzzv6yRJmPv58gipuhpzP+:fzHSvi7AYaf+dk+gzeUrAJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/Inquiry 54409880043.exe

Files

24265430eaae7752de58d9804a591a00_JaffaCakes118
.iso
out.iso
.iso
Inquiry 54409880043.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 677KB - Virtual size: 677KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ