729d4f6bb58a955b244172e199527fd1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

729d4f6bb58a955b244172e199527fd1_JaffaCakes118
Size

6KB
MD5

729d4f6bb58a955b244172e199527fd1
SHA1

67da82e2072cd7da1e252593483b5b76c7877bcd
SHA256

08c38c5c305010e72aa0467726d46c5d18f863ebf262098cc48d07ec7ecf5615
SHA512

5b7c2bb6230da2ca5f7c6fe2dd64461a66fdf44c9e38461bc8f9301ba89330e727ecf4de16a6291e9c98082d40a269964a58e686ace55e19ffd6b048a1e74f2a
SSDEEP

192:pyd0g0SqAxunxw9L0OKpZWxZ2L6kedYpdWFA6W:pO0rSq6unxwUpQXs6kuYpdWFA6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
729d4f6bb58a955b244172e199527fd1_JaffaCakes118

Files

729d4f6bb58a955b244172e199527fd1_JaffaCakes118
.exe windows:6 windows x86 arch:x86

2f18e95b2d4bd7d69bc1efc4c94a11eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

TraceMessage

msvcrt

exit

winspool.drv

ClosePrinter

Sections

.MPRESS1
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 958B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE