JaffaCakes118_e7e6d1c7dda7f813373224350a84133f231850c14c3bf771cc9026a7c9ebf813

General

Target

JaffaCakes118_e7e6d1c7dda7f813373224350a84133f231850c14c3bf771cc9026a7c9ebf813
Size

676KB
MD5

4ead855fb48ba8e4178acc5d1754ff92
SHA1

f579fc0b2dd775a4f966a03f0316dcc18466017f
SHA256

e7e6d1c7dda7f813373224350a84133f231850c14c3bf771cc9026a7c9ebf813
SHA512

abedbfc93d8865c414e7d21060a280f3b078e9c8b17b9d15d827bda790a2774020907aa44561370d6ccd9fb94f269165ff827c571da8e4b58a5b99f7d2e0f5da
SSDEEP

12288:rVSXCx+aUCxBvtNe+qBrpXl+gm3RivAv6rjmcmt20uV4XDuGecDjqTwd:rVSXCx+uBnRqBtX47ipj/mf4SdBvqY

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Purchase Order.bin

JaffaCakes118_e7e6d1c7dda7f813373224350a84133f231850c14c3bf771cc9026a7c9ebf813
.zip

Password: infected
Purchase Order.bin
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 951KB - Virtual size: 951KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ