JaffaCakes118_489fa719739ec1613adea999befb747412438ad80d401908f9c52fa351e36941

General

Target

JaffaCakes118_489fa719739ec1613adea999befb747412438ad80d401908f9c52fa351e36941
Size

663KB
MD5

91b5b93c27d5169f4a4d4fa61b2f41a3
SHA1

a7a6343799a214a47eb90267fd31278bc6150a54
SHA256

489fa719739ec1613adea999befb747412438ad80d401908f9c52fa351e36941
SHA512

e3b8965c491811df7181aa104b70fb056a6be11176e1bf5f701c5e47b12a554fa0629ec97965c2b62975dd8db5904667c6ce7f515e6fe4638ccc911eaf1c0c2f
SSDEEP

12288:d2GKJBPq9QGCtKmAPyoXp9I8r2IqGGJnBR2nACFbSyLcMEdaxlqBMdl9ko02x/X:d2GKu9QTtHAyoXpLr2RJBVeSyLcMJfk2

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/New Order WID-12874 (VT-10622)_SCHW_Juni 22.bin

JaffaCakes118_489fa719739ec1613adea999befb747412438ad80d401908f9c52fa351e36941
.zip

Password: infected
New Order WID-12874 (VT-10622)_SCHW_Juni 22.bin
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 707KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ