15e7dd30e6ef6516f6e72d6cc92cf9ca_JaffaCakes118 | Triage

Sharing

General

Target

15e7dd30e6ef6516f6e72d6cc92cf9ca_JaffaCakes118
Size

1.8MB
MD5

15e7dd30e6ef6516f6e72d6cc92cf9ca
SHA1

a0910e77d76e3f78d6516a43a0a7ab66bb0855ae
SHA256

b1264d3cb4f5c8063787e2205ab2f3a1600058a8c262071884531898d0441445
SHA512

5f2f23a54bf45c472a47d274de895756cf31011f1d1a20672022190bdface687af61c73129f419ef670616197e80f20a8958e831050b56decc4d376a352bb6b5
SSDEEP

49152:TEx2yy3Ej8UDlTzqpJXphJKEPGUKB+vnbcmJcX2vkxXeqk9:Yy3EFlSJXpKEcB+Pbc72vkhA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ChromeSetup.exe

Files

15e7dd30e6ef6516f6e72d6cc92cf9ca_JaffaCakes118
.zip
ChromeSetup.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Program Files\ZipArchive\res\temp\packed.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
README.html
.html