94738a9ec6fc47359d67225908b4f532_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94738a9ec6fc47359d67225908b4f532_JaffaCakes118
Size

176KB
MD5

94738a9ec6fc47359d67225908b4f532
SHA1

919cc8acf01bc6f644bd2efa6c0b5e7e71670583
SHA256

b56948a54dbe581574121cc7e19188e3920ae96904a60c57a35fdac46e6a8c8c
SHA512

7266e4d72cbb39ec64c384c711fbb0fbf174f37d9c6d33bce9c55d1d1bca3eb0dd691d02388cdbed6f66b83e8a9b7e357e4f1fc926692151ab12b8fdebcbb98b
SSDEEP

3072:aBYN0ARBjfM9LsWZUPIBDHqRHhJ8y+VAn7d3YwvFS4Ikn6TWXmYtRK9ZaHenTL:aB1A/TMyPIFHq9L8XVAn7d/FDD6SxoOH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94738a9ec6fc47359d67225908b4f532_JaffaCakes118

Files

94738a9ec6fc47359d67225908b4f532_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b5a9eaa67c0aaaf0af8431f51f40ae0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

Arc

comctl32

ImageList_Add

winspool.drv

OpenPrinterA

comdlg32

PrintDlgA

Sections

.MPRESS1
Size: 168KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE