3a666487f340d30db19e2ddd3ea56099_JaffaCakes118 | Triage

Sharing

General

Target

3a666487f340d30db19e2ddd3ea56099_JaffaCakes118
Size

742KB
MD5

3a666487f340d30db19e2ddd3ea56099
SHA1

8afdb3352b8fc1428657853eb34fc18269928f6d
SHA256

bf9b98d3c7f449c22350739501fd763d47ab3a4e33be82b106ac54b9bd2b7e68
SHA512

15e7525d00db995bc59734cb61dea1fe6f4125ed668e111135a55f879ece2a1dd0af5db63801f6d4f0294cfb192e1b6e7f54fc28d4e590d96f48d83c61e8c3dc
SSDEEP

12288:bp+aRBZi970Hq83hAkJlk1wA8XyonCo+aUwbjpa1BDCROuTngLsIB:19ZhikJKJCx+atpab/WnFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/ILPEA_MRC2021751433030XMY,pdf.exe

Files

3a666487f340d30db19e2ddd3ea56099_JaffaCakes118
.iso
out.iso
.iso
ILPEA_MRC2021751433030XMY,pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 661KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ