ec19cb60ccd0cd8a681858bc2c6becd7_JaffaCakes118 | Triage

Sharing

General

Target

ec19cb60ccd0cd8a681858bc2c6becd7_JaffaCakes118
Size

535KB
MD5

ec19cb60ccd0cd8a681858bc2c6becd7
SHA1

ea51a16d2d93e0f7eb560986ffc6045956956ee5
SHA256

c87864145285595c304c28ac7eacb465633ae7b5a0b3672a5fc225e0f9419146
SHA512

debbf10e6d1c13e029d9ea74051d760159fa9711e92f0326c638cc9f327f2d5f7640e43e86531682c02dc53a040b1f26a11bb08e305066dd2efca7ad4aa3c931
SSDEEP

12288:05lYdqlHBUiifrKKm2Qy+RxJnKcZjxE19EDa4UGg7e/I1+tP9WApQQAp:05lYAHBHK7+rVHUPEDadGgigYP9dyP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ORDER #99079190.PDF.exe

Files

ec19cb60ccd0cd8a681858bc2c6becd7_JaffaCakes118
.gz
ORDER #99079190.PDF.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 664KB - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ