Sample: 5d6fc1ca78800d3b4c4be000cd62dd8d_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 5d6fc1ca78800d3b4c4be000cd62dd8d_JaffaCakes118
Size: 98KB
MD5: 5d6fc1ca78800d3b4c4be000cd62dd8d
SHA1: af077a24a0fa29e554e4f3e1ebbd7b0bcadfa00e
SHA256: bee6ac631f337d6e78ff64a931b2daf9a28cb9e99c77aeeb52f7be58edaf1a6c
SHA512: 673c4894472055489c73cbc45e42d2f520ed141fa5890431feec0fd5926cf3360f64459a26afdc64dc16a0cafca95e1f6b69591a7596e166327ada42e7c09635
SSDEEP: 1536:6mPmgW0YFMEircB/y54iLhqIZuVx9Cpr63axkulPL5G7Plm0J7rcRF1:fPmd0dEP/y54iLJZuVW5pz5Gc3RF1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5d6fc1ca78800d3b4c4be000cd62dd8d_JaffaCakes118
Files
5d6fc1ca78800d3b4c4be000cd62dd8d_JaffaCakes118.exe windows:4 windows x86 arch:x86
5b288f22436b850dd783105edd17cae3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
ChooseFontA
GetOpenFileNameA
kernel32
GlobalAddAtomA
SetUnhandledExceptionFilter
ExitProcess
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
FindClose
GetStartupInfoA
EnumResourceNamesW
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
GetLongPathNameA
LoadLibraryExW
RtlUnwind
Sleep
GetProcAddress
setupapi
CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status
ole32
CoTaskMemFree
CLSIDFromString
CoCreateInstance
StgCreateDocfile
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ