05a0d614857812cf60e42afe539fe93b_JaffaCakes118

Sharing

Target

05a0d614857812cf60e42afe539fe93b_JaffaCakes118
Size

943KB
MD5

05a0d614857812cf60e42afe539fe93b
SHA1

65cb75611584312f38d8ae2ee85cc642dfdc0ff5
SHA256

6aef2de42e7435e24a9dbab0ad4564a2403d9cac46516bbbf91739653e59bc0f
SHA512

9a0ce6c7e0cb354c24343cffa25dbbd69539e0570ad4952226dd2faf75349ee0ab384ad53971160aca3a903ebbcee4914c9e3b3a05389067c858c8c0bcc24441
SSDEEP

24576:yAbEAKbFImthPi3/Hx8YLHe4qxBgLiwHYoFIGKSDC1:XIbaaqzLjHbIGKn

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/QUOTATION KHEM0004 KHEM0005.exe

05a0d614857812cf60e42afe539fe93b_JaffaCakes118
.eml
- https://www.lms-germany.de/
- https://www.lms24.de/
QUOTATION KHEM0004 KHEM0005.lzh
.rar
QUOTATION KHEM0004 KHEM0005.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 852KB - Virtual size: 851KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-2.txt
.html
email-plain-1.txt