JaffaCakes118_c1858ad1833c246ff8bf6cf2c60bace1f63dca90674b2a3006deaea9013c4079

General

Target

JaffaCakes118_c1858ad1833c246ff8bf6cf2c60bace1f63dca90674b2a3006deaea9013c4079
Size

392KB
MD5

4188f1553af2ff0d98926845c6d38fce
SHA1

29c48ec6eca6b2234248d85e9f4191fd39102511
SHA256

c1858ad1833c246ff8bf6cf2c60bace1f63dca90674b2a3006deaea9013c4079
SHA512

171bd20bb8e88cad1e8eebf70b7a0786858ab2471d6abdea6fd6d7fc44327b44af9016a9d332c5761979cd954b3eefcbb5e43524c8a7b6eec1a493c9c4781f12
SSDEEP

6144:nkm7KCZzaHux4YE3h/5i/83uWRTUQHEjVt8d7md4Mff6nd0bCzVcBtG5:nL7XZsupEDqspUHV3eM6dbAs5

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack003/PO.exe

JaffaCakes118_c1858ad1833c246ff8bf6cf2c60bace1f63dca90674b2a3006deaea9013c4079
.zip

Password: infected
364701421b0abdb25a1d1bbfb883aaa8
.iso
out.iso
.iso
PO.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 462KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ