b1525dd93c9bb319b3be9dab3fa9c31a_JaffaCakes118 | Triage

Sharing

General

Target

b1525dd93c9bb319b3be9dab3fa9c31a_JaffaCakes118
Size

622KB
MD5

b1525dd93c9bb319b3be9dab3fa9c31a
SHA1

a4b58df262e83902728d12d24283d8fbee3a8a56
SHA256

26039e0d7ac0856375503044d4c336bce61c82ccc9665fe6c3bddc80a4d4ddc0
SHA512

6168e6afbce10e9e1f3d1377f39fe0e0ea705cd2fafe613f6901ac3328e9542774b2f0829133931ce1548ce4be1e9ef1d39f93945185b644ff9cd820a001e0ea
SSDEEP

12288:VtSXjKDHljthqXpgc+UKMi2zPXHSc1SmImczCWK6B7koQI1Yro:VtQK5thqXpgxUw2ricQbmczeoLYro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/neue Ordnung.exe

Files

b1525dd93c9bb319b3be9dab3fa9c31a_JaffaCakes118
.zip
neue Ordnung.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 734KB - Virtual size: 733KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ