d4aa896066a036975471ccb51fcd3983_JaffaCakes118 | Triage

Sharing

General

Target

d4aa896066a036975471ccb51fcd3983_JaffaCakes118
Size

395KB
MD5

d4aa896066a036975471ccb51fcd3983
SHA1

1bb7be873667112b41d54f419b3614947749dddf
SHA256

b3eec7e5fcd9dbd94216255ec02c4d1b7b6eca2c8a4daaca4d3fc58c000f1e87
SHA512

b8bb49658f4bb2e6798693c36c321682a8f96a31958e7da76d34dcb2d12b6f2e57cde9bf6a510c4f6e499d6906530404380cab65419335fa08d0b8ab24544089
SSDEEP

12288:Tpd/sqz3fv8T0ZARId+FL1CCbyWgfgG7bDC:ld//fETxio91C05uz7q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Payment swift.exe

Files

d4aa896066a036975471ccb51fcd3983_JaffaCakes118
.rar
Payment swift.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ