37c33e38c39510fadb855dd9b965a5b2_JaffaCakes118 | Triage

Sharing

General

Target

37c33e38c39510fadb855dd9b965a5b2_JaffaCakes118
Size

1.5MB
MD5

37c33e38c39510fadb855dd9b965a5b2
SHA1

ab9815e6a89d92f670e887576ece05602190656c
SHA256

2e0cac744baa07053c435ee4712ce2d3f563ad639d1cb8e1a609015d50e465f9
SHA512

fea3fd9cbe6bd4e961b888e43d5a391930aa53751ae5efad67133bf68a669226cba40176f542202f7a50e0adbee2337dec22a149fd317d2408955a6e0a28d5ee
SSDEEP

24576:sPFKLriziS1Ntoqr6TO8ugUCC47Js+pzXG:Fi/tPGTZle4tnzXG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PO-4500119534 Endüstri ve Ticaret Serbest Bölgesi.pdf.exe

Files

37c33e38c39510fadb855dd9b965a5b2_JaffaCakes118
.iso
out.iso
.iso
PO-4500119534 Endüstri ve Ticaret Serbest Bölgesi.pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 938KB - Virtual size: 937KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ