JaffaCakes118_d36589912453c12706f08cd2f13140c35010e157ee404d9bb6a85129ca4aa5e4

General

Target

JaffaCakes118_d36589912453c12706f08cd2f13140c35010e157ee404d9bb6a85129ca4aa5e4
Size

651KB
MD5

65c8d00798a67df2339cf98cccee3072
SHA1

4fc03f93d6aa89e3ce96608e35514efa52f2eb32
SHA256

d36589912453c12706f08cd2f13140c35010e157ee404d9bb6a85129ca4aa5e4
SHA512

410621a169005da6151d964ca1235c18de2c6e02b5441bd4a548930098fa330fee88ba2de47b423bb8d72d161630a2b815c48281d3eee571023b47a2b59c731f
SSDEEP

12288:mTzofZ7LeFR5Cgu8Q778K3L4kcK3o3FiHfQNgZYJVzXPNtUqCf6CecC3GioQXH9W:mTzocfcZR7gHIo+gZVzLU7Bec0sQw

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Pipeline operations equipment (Valves_Pipe Fittings).bin

JaffaCakes118_d36589912453c12706f08cd2f13140c35010e157ee404d9bb6a85129ca4aa5e4
.zip

Password: infected
Pipeline operations equipment (Valves_Pipe Fittings).bin
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 847KB - Virtual size: 847KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ