43371f55b392b694a31000e1956adf79_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43371f55b392b694a31000e1956adf79_JaffaCakes118
Size

40KB
MD5

43371f55b392b694a31000e1956adf79
SHA1

0e6d6fc0ca0125389b05a72da02405ca0ba5a06f
SHA256

855fcce1e38a88c156545174e1a6a970b99d77a421c55c63c94b0af4f0ec9a06
SHA512

630d63b27435e1c6bc912ae1e63fda5a049b824d90932cd5b3f9430bf1c1997a435d4039f433b8a4c5661b4ce0c1ecce3efe0c87c5d591bc84112e028113c04b
SSDEEP

768:DjNF2yL7nfO+ykzKKkSWwpwjJCAbqUiPEvmS11u5cqTee7Dxi:DjNIyLDykCSDpqwAbqUiszUyW0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43371f55b392b694a31000e1956adf79_JaffaCakes118

Files

43371f55b392b694a31000e1956adf79_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

8d27871624606fa9864eccead8e3b92a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

comctl32

ord17

comdlg32

GetOpenFileNameA

Exports

Exports

Athena16Export
Athena16Import
CSVExport
CSVImport
DllRegisterServer
DllUnregisterServer
EudoraExport
EudoraImport
LDIFImport
MessengerImport
NetscapeExport
NetscapeImport
PABExport
PABImport

Sections

.MPRESS1
Size: 34KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE