43b2c0e9937f492c967fdf5d5bc1a245_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43b2c0e9937f492c967fdf5d5bc1a245_JaffaCakes118
Size

71KB
MD5

43b2c0e9937f492c967fdf5d5bc1a245
SHA1

4a7a05617c5821d6ac7980aeaf5727ee68bef136
SHA256

e4ee3949e89559e3eb88f11b1f0088c3c7feecdca2b692504bbcac9c2752f03a
SHA512

82b8f29a96e49bd030a4b97a229b5ec92a1d538a0b259f07f3bad4dc134cc619794a3d1b9aab427da37b13cc0fea866cfd4ed19d3a3d80e6a38b8ac83cc0f567
SSDEEP

384:6bU1Bx9GhIeuLe6jIePoH7333j7XXin5cA7MJfxQE/k0n6R5n:cSGhIeuJjLOHzDimYM9OElnw5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43b2c0e9937f492c967fdf5d5bc1a245_JaffaCakes118

Files

43b2c0e9937f492c967fdf5d5bc1a245_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Arg1
Arg10
Arg2
Arg3
Arg4
Arg5
Arg6
Arg7
Arg8
Arg9
CallDLL
Finished
Firstbp
Patcharea
Prepatch
WndProc

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LDATA
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE