d5e8003a9aa452af13d495f7412f3678_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5e8003a9aa452af13d495f7412f3678_JaffaCakes118
Size

536KB
MD5

d5e8003a9aa452af13d495f7412f3678
SHA1

6d631c69fb231ea6622da0964f1a9c68ada59ebf
SHA256

43077bc465aa38214968559b3a41c50d618fbace6b8868c4df2b07e24f1aff7f
SHA512

4d5e89e5c29c1fddbba3f7a93fa26a65abbb09df7c06878c0f0071dcf02bd6dd9e75980f8f77e961c79a2421572e527f2845a4e528b8a3398c698512b7e54039
SSDEEP

12288:Qs/MDHeZsRfjt7YzRbwNjxkGgfNyGVRtw5Nz/QIC9qfY:Q/+aR8wjxkGglVNHqw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FootballManager2015_CH_promo.exe

Files

d5e8003a9aa452af13d495f7412f3678_JaffaCakes118
.zip
FootballManager2015_CH_promo.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ