JaffaCakes118_ebc78d31297e8f877723eea631a8666e | Triage

Sharing

General

Target

JaffaCakes118_ebc78d31297e8f877723eea631a8666e
Size

543KB
MD5

ebc78d31297e8f877723eea631a8666e
SHA1

469a8255959ca57d1abc2e915e131c2045ae207c
SHA256

fa66148913a12ad14986560fa9ab1b2f58b6bae3500e730dc46117da02bf096f
SHA512

0d7a26476e103e1140213cce9493a871afa200c0cdacc1a9d65a0784a472322a0fb44fdf9e6dd8fdb8e6ae756ded730c338f29a6633feb870a6d12522fbd329b
SSDEEP

12288:9Gz+/KOhMReRYJgI8E+H9M+2J4nA2+trFGVK0e:C+COsfJNIK+2J4H+RF8e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/QDGS140625 Format BL.exe

Files

JaffaCakes118_ebc78d31297e8f877723eea631a8666e
.eml
QDGS140625 Format BL.zip
.zip
QDGS140625 Format BL.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-2.txt
.html
email-plain-1.txt