fe232d6c78307311384c64dbaa9f6feb_JaffaCakes118 | Triage

Sharing

General

Target

fe232d6c78307311384c64dbaa9f6feb_JaffaCakes118
Size

75KB
MD5

fe232d6c78307311384c64dbaa9f6feb
SHA1

8ce0f19543afe09daf0de79938ee7757317d7455
SHA256

a63eb1c2e7ae784ac64f25acca6eeea7c29307dd0a457238b50ddd77ddc4a0be
SHA512

0d0859b37c97da1d42bd58f19bdaf33ced0dcc7da3bc5c9cfd12bce2fd051ae29e723290250c85d26bec4f2b4b3f38cef68b52aca2c86c9f783b463cd29d387b
SSDEEP

1536:eWx2gCyk619ocPF9O3BHziZkMgCRqLWFtqevV:31CykKn99O3pziZkMgChnJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe232d6c78307311384c64dbaa9f6feb_JaffaCakes118

Files

fe232d6c78307311384c64dbaa9f6feb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ec2068cbb1578793d67bbadcdf00cc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsExA
ExitProcess
lstrcatW

user32

CallMsgFilterA
ChangeDisplaySettingsExA

gdi32

GetICMProfileA
GetLogColorSpaceA
GetObjectA
GetOutlineTextMetricsA
LineDDA

Sections

.data?
Size: - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 402B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE