JaffaCakes118_437cb3ec242f9cfb0c579d68d192c034d54b8c7d976eecb6c48d0535d12308ba

General

Target

JaffaCakes118_437cb3ec242f9cfb0c579d68d192c034d54b8c7d976eecb6c48d0535d12308ba
Size

1.0MB
MD5

62d53156eda05a0ad11b9a6385dfca61
SHA1

b7e3a4db44714d9e24f49f1b56b934c2a5ce4579
SHA256

437cb3ec242f9cfb0c579d68d192c034d54b8c7d976eecb6c48d0535d12308ba
SHA512

cf1e126b54cf776aba3669d2fdd015f694293147e18dd251440ab051986f5e753f4d396745a6f40b87b291f210ea80698a42ffae70c0f3bbabd2ed06380009b1
SSDEEP

12288:S8YvIiL+JXIcZlHa9Xyin6OwO0BD5LdPebIt5f2H02VIu4+CG6MkULqkqqGNmRN2:jd5nc9iR7ZQIzf2H0IxXmkP3+LAk6w

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack003/New Order xls.exe

JaffaCakes118_437cb3ec242f9cfb0c579d68d192c034d54b8c7d976eecb6c48d0535d12308ba
.zip

Password: infected
10075f996094c6920ddd5d5ac238cea6e231665030cd0a377a049d5a9332ae99
.lz
10075f996094c6920ddd5d5ac238cea6e231665030cd0a377a049d5a9332ae99.out
.tar
New Order xls.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ