Static task: static1
Behavioral task: behavioral1
Sample: 4cab8b64b43ff48e864fb747e4686496_JaffaCakes118.exe
Resource: win7-20240508-en

General
Target: 4cab8b64b43ff48e864fb747e4686496_JaffaCakes118
Size: 212KB
MD5: 4cab8b64b43ff48e864fb747e4686496
SHA1: 1afda43ef7e9ddb86d0139d18eed19b9bcefe6fb
SHA256: 899a15212d999df944b9d6bfe4f9c0e6c217a53deb08a648d4c458aa9bb54e06
SHA512: 5258e58395c043b9573813296bd5aa645ceeba553f2ab332e66033edd18e14b5d7d91fe07944b84a553354b5ccbdf1b1b564dab0c33eb4b54096b664a3663621
SSDEEP: 1536:AblJ3od4JtZOpLLStl0Dj9fQRgu8f3B9upcVjt03n9:AblJ3oSJt0OtlQhfQRgPPBLVjU9

Malware Config

Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 4cab8b64b43ff48e864fb747e4686496_JaffaCakes118

Files
4cab8b64b43ff48e864fb747e4686496_JaffaCakes118.exe windows:5 windows x86 arch:x86
4dda6a3a2acf54a813d8f6d3fff48513

Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
  IMAGE_FILE_SYSTEM
PDB Paths
  EapVPlahpcwoS55u0CV.pdb
Imports
winspool.drv
  GetPrinterDriverW
user32
  IsWindowEnabled
  LoadMenuA
  DrawTextExW
  GetPriorityClipboardFormat
wininet
  GetUrlCacheEntryInfoExW
gdi32
  GetPixel
  GetStockObject
kernel32
  FileTimeToSystemTime
  GetVersion
  GetSystemDirectoryA
  GlobalFlags
  FlushInstructionCache
  GetThreadId
  GetUserGeoID
  GetUserDefaultLCID
  GetStringTypeW
  GetTickCount
Sections
.text Size: 96KB - Virtual size: 95KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.pdata Size: 4KB - Virtual size: 5KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc Size: 96KB - Virtual size: 95KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ