defbde5e6d8981cdc5c15764fd77e911_JaffaCakes118 | Triage

Sharing

General

Target

defbde5e6d8981cdc5c15764fd77e911_JaffaCakes118
Size

479KB
MD5

defbde5e6d8981cdc5c15764fd77e911
SHA1

66987e65620e79659bd4e17b1e0c8dfe0e6cb2f2
SHA256

c342a7cb93e23cde27bfe4bcf9358f4cb9d49c0198abf112be372245ef96d678
SHA512

38dd9094130c848aaea4c4d314c67068f1b47a9421d85670a397c387e1433d34ae6c9cd36b2142d7e868090e4e8971b094f68bf6ecbbde506e8f90f59d676312
SSDEEP

12288:hsMX0LqeuVin1ySUIrWUPr0lezJ0FsErfTW5:hsMXmqeIWrbrWUPwEzJSRfA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QUOTATION-10-01-2021.doc.exe

Files

defbde5e6d8981cdc5c15764fd77e911_JaffaCakes118
.zip
QUOTATION-10-01-2021.doc.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 652KB - Virtual size: 652KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ