0c3b9a7f5c742160a0a806156701545a_JaffaCakes118 | Triage

Sharing

General

Target

0c3b9a7f5c742160a0a806156701545a_JaffaCakes118
Size

717KB
MD5

0c3b9a7f5c742160a0a806156701545a
SHA1

a78620e3fa4d50ab0b07ab5253b89ef7dba4152d
SHA256

9f824ba3474b90684904530bc8fcdc7587ed86a527cb881386b224d7b5b8ed33
SHA512

97ebe0f1a9b4d01290ad4f4cdbb017b50cf9af8fc27ef6ab6232dc975bef483fb92f6bce315ff19240c1052badec2784454dd3a087e8c8763fa9ff25154c7e30
SSDEEP

12288:4SPEw0heOL1kK9ZpcTKNGm0oM+h2ei4LRNUTaGwZRlM3wH7AAbpSyBD1durksLi1:6w0TZ59nh0oMDD4LRNUTarZRenTyBBdx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bill of lading and certificate of origin = container shipping document.exe

Files

0c3b9a7f5c742160a0a806156701545a_JaffaCakes118
.rar
bill of lading and certificate of origin = container shipping document.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ