JaffaCakes118_6d698a8b8b3bdae69d429d3dccdd3cdf209b2d1917e30b8e75f98d609c402731

General

Target

JaffaCakes118_6d698a8b8b3bdae69d429d3dccdd3cdf209b2d1917e30b8e75f98d609c402731
Size

338KB
MD5

97510a2dc71cf37b2c01432a4fb8232f
SHA1

5691a36608ac76ed81b949dad81fd5846bb8c2a7
SHA256

6d698a8b8b3bdae69d429d3dccdd3cdf209b2d1917e30b8e75f98d609c402731
SHA512

36be46cd97431cddc866e7d2601a78acbb745468a7db580e195c7df1134afb89d8efd2033a0f93985762b028b8d96067b90ddc066596315fce17630cb4fe8b03
SSDEEP

6144:Kq3IShElJb2xm83G3JnDyhADSNNm1TxUgKNXyeJ1ae5HV5rnqs:S/5eWxqAmLKxUNLJsex3nx

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a32901c6438f87f513547efcf8d5b83f703e8a5d61e10cbc97b3cd6f537555e8

JaffaCakes118_6d698a8b8b3bdae69d429d3dccdd3cdf209b2d1917e30b8e75f98d609c402731
.zip

Password: infected
a32901c6438f87f513547efcf8d5b83f703e8a5d61e10cbc97b3cd6f537555e8
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ