1c420cbd2f6a4db39bb5841039770109_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c420cbd2f6a4db39bb5841039770109_JaffaCakes118
Size

132KB
MD5

1c420cbd2f6a4db39bb5841039770109
SHA1

4a55022246184817e981fb5ec46737e9566279f8
SHA256

15186e5fb7cacf6c67afff4eac16a7a6041354c85c3fe05a9d068bdfba7eea12
SHA512

63ea158b3da930f8ae35bb78bdb1003b403b4efe9c3ea3fb0c24ab4a24f2b278ceec9c254fb4f18f9c47dc9370255828cea09487f26d10ef7d6d7b95477a59f3
SSDEEP

3072:MEcD8Sb0/k5Ulf5i5ggbKCpuaEJY9SxMR9bvJh6/Mn:40Mmlo51pjEJY9TvJhln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c420cbd2f6a4db39bb5841039770109_JaffaCakes118

Files

1c420cbd2f6a4db39bb5841039770109_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c74cb0b724307b6e10c4b978b5efe6be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

kernel32

TerminateThread
GetStringTypeW
CreateIoCompletionPort
HeapSize
GetStringTypeA
LCMapStringA
EnumResourceNamesW
GetConsoleMode
GetLocaleInfoA
ExitProcess
RaiseException
GetConsoleCP

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ