4c775f9e98e5abd557666358875eaaca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c775f9e98e5abd557666358875eaaca_JaffaCakes118
Size

488KB
MD5

4c775f9e98e5abd557666358875eaaca
SHA1

8d89172d4a05c5b8b5dfb92ef41e6501ea55289a
SHA256

e5e86fc78982e40d4af4a74ca4a3ad86f9d8b8751f16be9f49ad486a8a79f81e
SHA512

251dae2d0fa319c6e7786e2292ceec531bb923eb57347c22f3e3d248c324f5e4b6112b43268d4dc40574db8449e4c3b7752455b7221f13a9c040fd59586be7cf
SSDEEP

12288:MddV0kB9WAUyEZ8dEj3haZkgpPdtVpMkwp6cp:MddRmAUhZ86kXpPdDaks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PO.4870.exe

Files

4c775f9e98e5abd557666358875eaaca_JaffaCakes118
.ace
out.ace
.ace
PO.4870.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 902KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 289KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ