JaffaCakes118_c1d5a5bff8e3ce0a9b30f2c3fb1b13f232251a2d836d84e0a3b025eb79722aac

General

Target

JaffaCakes118_c1d5a5bff8e3ce0a9b30f2c3fb1b13f232251a2d836d84e0a3b025eb79722aac
Size

472KB
MD5

446f823a10ec856cff12e79e64fcfb40
SHA1

2b9c5446b7320ae7d88308541706d156dfc05b49
SHA256

c1d5a5bff8e3ce0a9b30f2c3fb1b13f232251a2d836d84e0a3b025eb79722aac
SHA512

51a339c5c151b3d1798bc339a6fbc611ce112107f4282f5f095c550f7a154ab97abed3c552e0a5ac4e788e823b06ad6da56ecb3fe8de2bb60697be5d0175b5af
SSDEEP

12288:5UTaOhNRe5SXb5tYb53ER+UCEwMtO7+onkcViXZAz9BEOEBSL:5yXNYSXy3/MwM8HV2BSL

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7a41ce40c35cb716b149ae68e2fff7e91f8dbb3af2f265c70ba08ce4615853d9.exe

JaffaCakes118_c1d5a5bff8e3ce0a9b30f2c3fb1b13f232251a2d836d84e0a3b025eb79722aac
.zip

Password: infected
7a41ce40c35cb716b149ae68e2fff7e91f8dbb3af2f265c70ba08ce4615853d9.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ