JaffaCakes118_d8c426e36e50d3a7f8f51f8fb624959e3c985885c5d1713dff3b2803f393d2be

General

Target

JaffaCakes118_d8c426e36e50d3a7f8f51f8fb624959e3c985885c5d1713dff3b2803f393d2be
Size

435KB
MD5

de85d14670e6f25137fe2648ce30856d
SHA1

6d76504a004ef1b85857037fe40749ca80833034
SHA256

d8c426e36e50d3a7f8f51f8fb624959e3c985885c5d1713dff3b2803f393d2be
SHA512

339f2c8f24a90792a24d738f4f63f0a39507ec2b1e5d80e932a42885ab938d0447a2cbbbc8dd80f42aa6b652f480fe51cd1709ecaa09eb9904685f9cf370081b
SSDEEP

6144:c4aNhykWU2qFdBFfxgWS8JpR4nSgjT+v2lvcNxXRTSBR09epgFCIXUgGintOfl1/:9aNYHU2U/pTIjlUBdeKTk51qIjTiLh6

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5322da5b873f65a2099b81101357dda31b2fdf952749517af9754401708052af

JaffaCakes118_d8c426e36e50d3a7f8f51f8fb624959e3c985885c5d1713dff3b2803f393d2be
.zip

Password: infected
5322da5b873f65a2099b81101357dda31b2fdf952749517af9754401708052af
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 593KB - Virtual size: 593KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ