fa46798f4e54f694ff1302735d4f0b59_JaffaCakes118 | Triage

Sharing

General

Target

fa46798f4e54f694ff1302735d4f0b59_JaffaCakes118
Size

391KB
MD5

fa46798f4e54f694ff1302735d4f0b59
SHA1

c0ba2a3615cea3ab19ebb76521ff4f90f92af260
SHA256

873e880c2bd7d4030d405cb658a4925c3a16ecc83cd59e0ed230716ebb5de6af
SHA512

28ae9e91c09eb539652f353e120c1d3dd348ad033cc87b73e452d19abe880d78882dbe7d1ad689d2f597e4581628340d1f28e1cff451c9afe69fb0556225e258
SSDEEP

6144:bdA2CsOe8UvkZXnNRwUu7IZxCY3lotfoH8Zze7PWsURKlcvV1kKq53+g3Cf7KK97:C2VRB4wtgxn3ytieOeKlcv/q5NK7N97

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SWIFT COPY.exe

Files

fa46798f4e54f694ff1302735d4f0b59_JaffaCakes118
.zip
SWIFT COPY.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 465KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ