30e6e5340dee24271b3c52622adaed7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30e6e5340dee24271b3c52622adaed7c_JaffaCakes118
Size

403KB
MD5

30e6e5340dee24271b3c52622adaed7c
SHA1

57ce7a2d0c8eb8f9cca8a912ea13ac4b0d64100b
SHA256

a89ad045c704ca112d09c7a95e69243eb501997c3cf791cae2fe623aa88fe1af
SHA512

a0809d1dfb52d743c9cadcc5f6f554d2a7d546687044459001e89d028473f778600a6b81bfef6773bf2cec1ac759506bcaa975317811c4bde371ca849e440557
SSDEEP

6144:+Pec39akQNukbvLGC1C/2Qo3UiM/YsedW45A3x64irYNOQUIdmlmsyhcC6s0zAj8:43YpvvLGCw2QG5wY/XAB6LYNOj2mrCr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30e6e5340dee24271b3c52622adaed7c_JaffaCakes118

Files

30e6e5340dee24271b3c52622adaed7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

886d3147407e519e9fc884da6278a179

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

user32

GetWindowInfo
CheckDlgButton
IsDlgButtonChecked
EnumWindowStationsW
wsprintfW
EnableWindow

kernel32

GetFileAttributesW
SetFileAttributesW
GetSystemDirectoryW
_llseek
GetCurrentThreadId
FileTimeToLocalFileTime
GetThreadContext
GlobalGetAtomNameA
CreateDirectoryW
LocalAlloc
WaitForSingleObject
MoveFileExW
ResetEvent
TerminateProcess
GetCommandLineA
CopyFileW
ExitProcess
CreateProcessW
GetSystemTime
CreateThread
SetEvent
CreateFileW
LoadLibraryExW
LocalFree
FileTimeToSystemTime
CreateEventA
GetModuleHandleW

Sections

.text
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bomex
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ