JaffaCakes118_f1a2844073e4ab6c17f8977c8a114de63767c3e3c8ae2595d0efbcdfe8133859

General

Target

JaffaCakes118_f1a2844073e4ab6c17f8977c8a114de63767c3e3c8ae2595d0efbcdfe8133859
Size

615KB
MD5

f4a12ac3de7a219ab27058bd1efa21e1
SHA1

2d0755d94239877dd4a08ba7f3c4a88a7dd8a132
SHA256

f1a2844073e4ab6c17f8977c8a114de63767c3e3c8ae2595d0efbcdfe8133859
SHA512

da894540a7fb386d196e4c7b0432b4e5da4086fdb592939b7d410830d87f99f5446bc2281cc2b92fbfb341c120f86e6075529c095055d06abea9eb73869fee49
SSDEEP

12288:8OwsNe8M8BfZ8EjfuFnIPV7TVIbHW4MxmZNAC/MuC0u73dO5I8WE7O1kd:msNK81yEjfxTIbpsuY73Y5I8WE7Zd

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/74a098344fb282c483eaae1b536e90a6cbd78cbb8a7c4857bac3d65e05e70c75

JaffaCakes118_f1a2844073e4ab6c17f8977c8a114de63767c3e3c8ae2595d0efbcdfe8133859
.zip

Password: infected
74a098344fb282c483eaae1b536e90a6cbd78cbb8a7c4857bac3d65e05e70c75
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ