43d9f0e2152e8f8a933aab56635c2ab6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43d9f0e2152e8f8a933aab56635c2ab6_JaffaCakes118
Size

232KB
MD5

43d9f0e2152e8f8a933aab56635c2ab6
SHA1

afab416dd64be9ba703746020c1d2cf79277afa0
SHA256

c9a0d8e3f7c2d6ca03a964e3198e4f3a66f39294380e7694fe886d7687229176
SHA512

159b1b9fce87a5e6d323e94ec588dff77a814a5ccd5722b58a2aee37985a177a996e9d86d9bb586e91c0b91a18426feab73e2b304230eeea17774ad836d71fc5
SSDEEP

3072:l3z49TpHzAgmrm+q4/c+pyPsZNDA4u/NyZutXrI:aThVK//pNK4uNyod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43d9f0e2152e8f8a933aab56635c2ab6_JaffaCakes118

Files

43d9f0e2152e8f8a933aab56635c2ab6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42a2109d56a86e0387fa7a3e763bd558

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
FindFirstFileA
LoadLibraryA
FindResourceA
EnumCalendarInfoA
FindClose
VirtualAllocEx
GetProcessHeap

user32

CharUpperA
GetTopWindow
GetWindow
GetSysColor
GetSystemMenu
GetMenu
CharLowerA
GetSysColorBrush

Exports

Exports

_QG
_tf@24
_xja
_VhE
_je
qt0@20
mT

Sections

CODE
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eddata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ