075999ef573f54fd776617b8d1c496b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

075999ef573f54fd776617b8d1c496b0_JaffaCakes118
Size

2.6MB
MD5

075999ef573f54fd776617b8d1c496b0
SHA1

88e36ffdb495204e0c1f7fadad9f9f3f38e142ab
SHA256

b25aaeca2ede34c616428a3e1669a80c599c39c2bfad8d4d1fee81cb38011634
SHA512

0d7daa6a0a4e5c8a1c7d2b8f6a78885dc003fbd686726ceb4059d4fe5fb5bdb99bde843b461436745cdbe0be8902dee13940c743c0a15d1d1df415ff6dcdf5e2
SSDEEP

49152:gHlrlWfcjPRhXXx4LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLP:9WRVXx4LLLLLLLLLLLLLLLLLLLLLLLLz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
075999ef573f54fd776617b8d1c496b0_JaffaCakes118

Files

075999ef573f54fd776617b8d1c496b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\public\workspace\depot_erbium\current\eneasywin\release_unicode\ENEasyApp.pdb

Exports

Exports

??_FCPrnDrvInst@@QAEXXZ
?GetDeviceName@CPrnDrvInst@@IAE?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@V23@@Z
?GetDriverPath@CPrnDrvInst@@QAE?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?SetDrvPath@CPrnDrvInst@@IAEXPBD@Z

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 480KB - Virtual size: 478KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rol
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE