JaffaCakes118_257376dd4cda0f03c4eb3476a615f7f34cab8c6a20efc51a501594c9be37e244

General

Target

JaffaCakes118_257376dd4cda0f03c4eb3476a615f7f34cab8c6a20efc51a501594c9be37e244
Size

536KB
MD5

d7822ad4efc603803cb7890eb66110cb
SHA1

7d703e81605c93ddee632bcd1e2a6ad720ccab6d
SHA256

257376dd4cda0f03c4eb3476a615f7f34cab8c6a20efc51a501594c9be37e244
SHA512

cdef8bf989b9419a17793c4ec651088373f492f1cbd3fd4dce9830370f782f9467b4176291275a2e8e00ff0730ea1d2703b2ee1e5554a64e19a3282a07c65a62
SSDEEP

12288:Tqqtw2r0LSU+WA57JQPVaJP/K5I6seb97FzJ9II9t:Tqq220Lk57JKaF+vso9x9+u

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/DL+Payment Release Details #Transaction Notice_Reconfirmation Process MTCRTTM.exe

JaffaCakes118_257376dd4cda0f03c4eb3476a615f7f34cab8c6a20efc51a501594c9be37e244
.zip

Password: infected
d002e3e2ef64b99372cdcbf40b72d16615d830481006541acb3e661bea91d23a.gz
.rar
DL+Payment Release Details #Transaction Notice_Reconfirmation Process MTCRTTM.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ