JaffaCakes118_954b75a2c0fb7a8350307cfbc283e65ab46c000ad652236a1d5d5a9f9af950b5

General

Target

JaffaCakes118_954b75a2c0fb7a8350307cfbc283e65ab46c000ad652236a1d5d5a9f9af950b5
Size

677KB
MD5

84e521846bad031000476000e626a29e
SHA1

170653dbaada2aad0bd5ff22327e9731e375b10a
SHA256

954b75a2c0fb7a8350307cfbc283e65ab46c000ad652236a1d5d5a9f9af950b5
SHA512

16c09b8b4973c09bd8f3444d4341cc6544266ba092877e12452db9f27492b4a271c40cc2d7cbdb2a54592ba5b59ba128d0c90807880650b10b69c9854cebe364
SSDEEP

12288:QypiZF/GdV7Ba66tLFlKmjuWlRsgZw57NvSRxll4b/9+Sik7H4fQ2yrq8El8ykp+:QzLM7Ba6+LK85sgZwNNKX41sfQ2yNjV+

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Estimates (Korea Zinc Co., Ltd. Onsan Refinery) 275-016.exe

JaffaCakes118_954b75a2c0fb7a8350307cfbc283e65ab46c000ad652236a1d5d5a9f9af950b5
.zip

Password: infected
15921dcecdfca5c112a8494590c21339
.cab
Estimates (Korea Zinc Co., Ltd. Onsan Refinery) 275-016.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 833KB - Virtual size: 833KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ