JaffaCakes118_e7c0e7644a9bfea72e2ba3087a2b6859 | Triage

Sharing

General

Target

JaffaCakes118_e7c0e7644a9bfea72e2ba3087a2b6859
Size

637KB
MD5

e7c0e7644a9bfea72e2ba3087a2b6859
SHA1

69d39503a20ee9456f3b867d351e164b5db38cbc
SHA256

b56d4ab0764e9a3cdcaa5c369dd48fb6e16541acd08da86ac0e53f45f6bf7ed0
SHA512

80fdd51f5c0ee0a957d905102572f45f26e3ddc20c10d4750fe97a8dbbe63807d2c08d3aaa436a683f4c694fea60db257ab7cada073d779d885fa97fae26e27a
SSDEEP

12288:vxR2fRZdgurF9etyzWT/bdWXGfKfxevgDvUCk9lO6O6onSo0/59+OSesp:vxa/wo6jbdsAvgDfk9lO65oSfHdSe6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Airway Bill Receipt - #50773009879.exe

Files

JaffaCakes118_e7c0e7644a9bfea72e2ba3087a2b6859
.gz
Airway Bill Receipt - #50773009879.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 672KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 481KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ