4ac11575b8b6734443e34f8500fa3855_JaffaCakes118 | Triage

Sharing

General

Target

4ac11575b8b6734443e34f8500fa3855_JaffaCakes118
Size

64KB
MD5

4ac11575b8b6734443e34f8500fa3855
SHA1

896e05e0c7ec36bd8c78ee4c27dea7ed032e5811
SHA256

8414929ed3d0083dbbbad83720158d1b14279c56007c952ba2866edd21113704
SHA512

8aad38908f0b9534fcb090b33d9a13592c5445d478cdb161f62f04bd802bde6ce3449f258989328a1824938c40a1a7aab7d862e28e21870151e4f8de31074021
SSDEEP

1536:iIe3UVRysGxjcyWL2QNCQd6V0HbcFgy5iRAWM4Vwd7ZejZMZfNDV8:ipbsWc/L2QsQd6V07cFgy5ig4U7Z+OZc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ac11575b8b6734443e34f8500fa3855_JaffaCakes118

Files

4ac11575b8b6734443e34f8500fa3855_JaffaCakes118
.exe windows:1 windows x86 arch:x86

65780bbff2cf0c820e2c361c297b51a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
VirtualFree
EnumUILanguagesA
GetProcAddress
ExitProcess

gdi32

AbortPath
ChoosePixelFormat
ColorMatchToTarget

Sections

.rsrc
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE