JaffaCakes118_5fca809996d591928d049265b97cf7a05a96a24eacb8c8d1d7b20b4d36dd4dd9

General

Target

JaffaCakes118_5fca809996d591928d049265b97cf7a05a96a24eacb8c8d1d7b20b4d36dd4dd9
Size

981KB
MD5

f8ee97d6ef9988decebc88cca60fd7c2
SHA1

e3fc3eff2985d1829cc5645e0021f1e4080ed2de
SHA256

5fca809996d591928d049265b97cf7a05a96a24eacb8c8d1d7b20b4d36dd4dd9
SHA512

3a28300d96b38ec5392af4a2ea85bc28966f8efd7864a9349fcfc9ae887995d8a977b845737d96d50451cdf5974e3d50f55b987dc00069e64c4b31a48e4eecc0
SSDEEP

24576:R+IgkRZch57HZIS4tZXtN7NVb3Cgd56Dhs66w6P8XQYRZWHXD:R+IgCZcfjJEBtoPW3mZW3D

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PO 211208-0211A.exe

JaffaCakes118_5fca809996d591928d049265b97cf7a05a96a24eacb8c8d1d7b20b4d36dd4dd9
.zip

Password: infected
e6895b38f50cf7882f4cbe9c9b8e9079
.lzh
PO 211208-0211A.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\zgdgNnzUky\src\obj\Debug\IConstantMembershipConditi.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ