721bf6a91be5db21e3d1117d616e3cf1_JaffaCakes118 | Triage

Sharing

General

Target

721bf6a91be5db21e3d1117d616e3cf1_JaffaCakes118
Size

360KB
MD5

721bf6a91be5db21e3d1117d616e3cf1
SHA1

65137a20beffcf97e5c1043899a34a6622d9d900
SHA256

b82445ea47014ab695f0ddc26fd05cdaab25699412c3850c793dea1d64ac711e
SHA512

c492dc1bd8d2f46dd957f1d4465c663d087d257c1cd6aedd5aa06c8d8b61997948b9d19375ceb05779141144def85214beec362726fb25df07fc6f4df9d5203b
SSDEEP

6144:580LH7Hw32RRcBTBs5i65lOXWSQsZCwBi4zP1dEeegf9ycJIZw6T4:580/HwSidqU65lOXVQsZCwBi4jcK90up

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Quotation.exe

Files

721bf6a91be5db21e3d1117d616e3cf1_JaffaCakes118
.7z
Quotation.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 475KB - Virtual size: 474KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ