6794aa711495bc08e7c61c7ff4f6a54e_JaffaCakes118 | Triage

Sharing

General

Target

6794aa711495bc08e7c61c7ff4f6a54e_JaffaCakes118
Size

681KB
MD5

6794aa711495bc08e7c61c7ff4f6a54e
SHA1

412785b1980e83986ed4a83f3e4522f2192f0edc
SHA256

626e3b000c3ebb9f8f32e54b5fbb9e6f4abaf10af158aa0d71169042f1ce2614
SHA512

3acd892f22d8e7c33f58f71e2a8cee1a5d927ee34590c2ed54a72c957e6dd65c09f248807381c362bd08667f08c9b4b58c5649ef72024e0738b850fba5dd5159
SSDEEP

12288:8fWG5wGRplFwoOFK8x4VtnUZIYou/JPi2yq2yKlRweDY4Q0TR3AiMRclSxBE/B:3+FwoOFSVKZITuRPoqT8R/XT5Aik8Z/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/New PO.exe

Files

6794aa711495bc08e7c61c7ff4f6a54e_JaffaCakes118
.zip
New PO.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 692KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ