204b5b494f510f2c1b96d3fa65495275_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

204b5b494f510f2c1b96d3fa65495275_JaffaCakes118
Size

297KB
MD5

204b5b494f510f2c1b96d3fa65495275
SHA1

2ed2fb9da39a8214bfd90c5b09087f98a6acd286
SHA256

9e5750a1302b279b6043ea248f0681c40a06c3c3b22b5345140147a61e705f68
SHA512

c71c1e30a67a0790df1a23405c6252c94a90c3e4bf27c83c36e8aa7e96e53d34b94bb8881f8ebeff3a9b4b754593dfaa5eafb6e3742a473a534f86fe6ada5419
SSDEEP

6144:mQF7ub7k5w+E2II4zI4vx+5dJP07bYnGB1L8XCQ9i9t2kV49u:mQlufkSFzRvx4/0s6N0OtpV4u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
204b5b494f510f2c1b96d3fa65495275_JaffaCakes118

Files

204b5b494f510f2c1b96d3fa65495275_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

i:\Arthur\public\Bin\Win32\Release\pdb\2345Explorer.pdb

Exports

Exports

CheckFile
GetConfigValue
Term

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tqn
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE