38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118 | Triage

Sharing

General

Target

38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118
Size

180KB
MD5

38b2c14f20f89f5b007a660bda519fc6
SHA1

a38c9f4fdfa7a2eedc29cf533947a0ed113726fd
SHA256

4ad7b0ee8a2133fb01c221fc1ee6ba225fde0d36ea4ed3d05de14ee1a42fcae6
SHA512

3e151dd03fb77cb7735f02c7e46c12159c06c48c2d21b57ff2303637049a530fb23ca10a9fd0ada21fb7132b913459dd368e79d0059a65fd73862b126f117a12
SSDEEP

3072:oD23JeSjU91NwhzvGQ5Fv6GKWiEAZxRzvUAtfRZF5EKWiQqmyF4uA:oDwJeSjoCB5xhCFzsAtZj5NBQoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118

Files

38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2ca6ab0f08afe2d9f24be78633a20c21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset

user32

ShowOwnedPopups

winspool.drv

WritePrinter

kernel32

CreateFileA
GetModuleFileNameW

advapi32

RegLoadAppKeyA

oleaut32

VarI2FromI4

Exports

Exports

OqwncdRfdeawcce

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ