JaffaCakes118_329eb8f2ecbea9a9cc0e9c84f5ba029a7c3f4f54d1bbbf8e09431318d4325610

General

Target

JaffaCakes118_329eb8f2ecbea9a9cc0e9c84f5ba029a7c3f4f54d1bbbf8e09431318d4325610
Size

1007KB
MD5

cdb6474c1dcb8554b3ca4d059dad5e15
SHA1

e79c99f7a57693c60c65b78e21ac3b756fed583e
SHA256

329eb8f2ecbea9a9cc0e9c84f5ba029a7c3f4f54d1bbbf8e09431318d4325610
SHA512

91861069b1d3f2b5f6b90008664a7b70a39be2ca335c2f86b1001f92107bdda07e5605a0fd4af35d4b17370b7e4ab2a9a2dde328d4143a85b24f9ebda1a02720
SSDEEP

24576:TLzGNGo0N5ly8NTND8fsLgUuKiEpdw4LnGFvQEHj8Y8CK:TCumsLg9KiWdw4CdYh

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/418cc2f738fc7f9ebdf659f04ad39c5cf02bb1ee9221955accbe5357a7a6ca63

JaffaCakes118_329eb8f2ecbea9a9cc0e9c84f5ba029a7c3f4f54d1bbbf8e09431318d4325610
.zip

Password: infected
418cc2f738fc7f9ebdf659f04ad39c5cf02bb1ee9221955accbe5357a7a6ca63
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ