f6a9b4d36955b361037fc135597a940a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6a9b4d36955b361037fc135597a940a_JaffaCakes118
Size

42KB
MD5

f6a9b4d36955b361037fc135597a940a
SHA1

df3e81129fc4b3f03b9f070292441a376c418442
SHA256

fe205670e243f59ba6a5bb08a0a3881a31a44e8b728dc01d51f1cca9985f3354
SHA512

2aa9e0e28066042368d7869afff8217566c3c38f6017f2ae91add0ee371f79082c88b11a4257dfe8d45665ca4227084aea94021d2145e40e2fee64b1a7f0d3e3
SSDEEP

768:V9Qk9u5XDu2EBGUCAAo+16O54ZgdPVibF4NXSMH0O/ELid6AD2E:VCNrIv+1f5fcbaNX90O/UidxD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6a9b4d36955b361037fc135597a940a_JaffaCakes118

Files

f6a9b4d36955b361037fc135597a940a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

708e756f3548ff7c48b01e59c65a3f2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
VirtualFree
EnumUILanguagesA
GetProcAddress
ExitProcess

gdi32

AbortPath
CheckColorsInGamut
ColorMatchToTarget

Sections

.idata
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE