c001fde6995c1c05301b6c2c9abd5c47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c001fde6995c1c05301b6c2c9abd5c47_JaffaCakes118
Size

97KB
MD5

c001fde6995c1c05301b6c2c9abd5c47
SHA1

c63be233da9c0138cd7988b5649cdf58bb635a5e
SHA256

5fe7a4aa320476b0fc07619e3e39ffa0e68df4afd29b22f778edcd1dbe020d4a
SHA512

179b8d81b62f2199f42707c026472dd21ba4beafcc1aeb85bc1afb3f40fed33a82071d56810fdd0e8b5550b502aa404bef252b7be003dded7eeabe8ed6b2b712
SSDEEP

3072:tb8Pnq1ibapt0uDWqBRj3JmfuRol4JTpT5IZIE:x8SKaPzTVmRl49C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c001fde6995c1c05301b6c2c9abd5c47_JaffaCakes118

Files

c001fde6995c1c05301b6c2c9abd5c47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f072d19733d6cf65e08f0874f174f30a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

kernel32

TerminateThread
LCMapStringA
CreateIoCompletionPort
GetStringTypeA
HeapSize
GetConsoleMode
RaiseException
EnumResourceNamesW
GetLocaleInfoA
ExitProcess
GetStringTypeW
GetConsoleCP

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ