43b5a11dd65d7a9b928ff1ffb10e964b_JaffaCakes118 | Triage

Sharing

General

Target

43b5a11dd65d7a9b928ff1ffb10e964b_JaffaCakes118
Size

8KB
MD5

43b5a11dd65d7a9b928ff1ffb10e964b
SHA1

9ac93887fbb51a0387e1e6ecf04e6426611237dd
SHA256

785860600e3aef0214fd840ab14d4f8e5f5acdf819542ea35ac7da5c37057646
SHA512

f0df454a623d320e7221eb2e5e570e794e26d80c556fb1f533e6372e1ec06f9154016adb00206cea12cc378f5be0b7e283bd0273fceb2fd49540a356af9e986a
SSDEEP

192:lFPmSzCvc+TZfGK4SYmtLrTsGpCgO3YppW59NW:lFPmSzwcyVGBSppKYppW59NW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43b5a11dd65d7a9b928ff1ffb10e964b_JaffaCakes118

Files

43b5a11dd65d7a9b928ff1ffb10e964b_JaffaCakes118
.dll windows:6 windows x86 arch:x86

5869e1b98b875be27dc3ea9e9bdacda0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

ntdll

NtFsControlFile

clfsw32

CreateLogFile

Exports

Exports

TxfGetThreadMiniVersionForCreate
TxfLogCreateFileReadContext
TxfLogCreateRangeReadContext
TxfLogDestroyReadContext
TxfLogReadRecords
TxfLogRecordGetFileName
TxfLogRecordGetGenericType
TxfReadMetadataInfo
TxfSetThreadMiniVersionForCreate

Sections

.MPRESS1
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE