0b3305d213e235c557c5a424ba6dadff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b3305d213e235c557c5a424ba6dadff_JaffaCakes118
Size

71KB
MD5

0b3305d213e235c557c5a424ba6dadff
SHA1

77608b5bb3081484d1a2f5aa592a42efa35e0bf8
SHA256

6a044868cceeda98f2fe9c480789f9628d9f7ee84f8630c034e7423d4a9a22d0
SHA512

06551164a6dd2c9570a6bb4fc21461e1b1c06297c76d356f2871d66cb439201c926ab3f1b06ffb1e8ef9e7b7a41fa276a79bbaa7d8cb7ef6ea8f8b68347d1fb3
SSDEEP

1536:m91wI/1a3auy6xaqWAK+uNtaJ3RMrnlVRTgvuGa5+t9TbXoPWRuzNSp:41wINruzanl+WeIVRkm+t9fXjuIp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b3305d213e235c557c5a424ba6dadff_JaffaCakes118

Files

0b3305d213e235c557c5a424ba6dadff_JaffaCakes118
.dll windows:5 windows x86 arch:x86

271b0258d1b023d853aecf9a2a6bf46a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

Escape

winspool.drv

OpenPrinterA

shlwapi

PathFindFileNameA

oleaut32

VariantClear

Sections

.MPRESS1
Size: 65KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE