JaffaCakes118_e297870bd5d70b0e653901d78c2d240cbc18fb8bfca3d94a80b7d3f4966173c8

General

Target

JaffaCakes118_e297870bd5d70b0e653901d78c2d240cbc18fb8bfca3d94a80b7d3f4966173c8
Size

636KB
MD5

32d67277c1d070870b6f760664156929
SHA1

61637ff98cb8b3af9c47f8779415124cfd025d00
SHA256

e297870bd5d70b0e653901d78c2d240cbc18fb8bfca3d94a80b7d3f4966173c8
SHA512

c604d6a84c2f71fdbd0cf9cb020206e926ce142a0dc04ad4d5cae48b7f6bb06725a37397b648ddbbed7e405dbb3412d36f509e773ddfbc58fa5c66b8bd54dbc6
SSDEEP

12288:iU3pHfb8AUEJMfgMgzlQuN+o8702xYr2OU5MZwScmip1YhmCLl6S:igpj8AUE6fup7+tVxTxdzlqmCR6S

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/08d852996cac29ea979d65f029908e1e38cfddca5738b1aad650e8a3eb0b00ca

JaffaCakes118_e297870bd5d70b0e653901d78c2d240cbc18fb8bfca3d94a80b7d3f4966173c8
.zip

Password: infected
08d852996cac29ea979d65f029908e1e38cfddca5738b1aad650e8a3eb0b00ca
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ