JaffaCakes118_c953fcff4f8d8367bad8cb16bc86b71e | Triage

Sharing

General

Target

JaffaCakes118_c953fcff4f8d8367bad8cb16bc86b71e
Size

427KB
MD5

c953fcff4f8d8367bad8cb16bc86b71e
SHA1

3ef3e2dff28483536d952c2dcb8181094b92e885
SHA256

ddc8c1c38c617c6a99201d722284707dfae2a1f76a3cd8858c64b95483729f28
SHA512

fcb480f469bf0abbbc87e1661f3588264a9829c04d388995fd37944568f635c637807eecd44cea3d2a7e4a3cbda5457b253add1f33ccc05da0ddef0acd5f4a86
SSDEEP

12288:8nXZ8nBEJo9x7w+F5P90j32rHIEHidWr45Xx:KX6yo9R6jmrHIEAWk5B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Payment Copy.exe

Files

JaffaCakes118_c953fcff4f8d8367bad8cb16bc86b71e
.ace
out.ace
.ace
Payment Copy.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 501KB - Virtual size: 501KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ