4886e13f303e0aa0e70955924f0e3f18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4886e13f303e0aa0e70955924f0e3f18_JaffaCakes118
Size

18KB
MD5

4886e13f303e0aa0e70955924f0e3f18
SHA1

75dd5f3e27dc4308d64b8f4acffc922f5702220d
SHA256

c59638f2fa7f3be1e20605c1e2b03b90e2344ae5073b977a0f62383d9151c1c7
SHA512

0206fe0e1e7e9fc2449f701b85295e0262069aeb03807c833ff8c6845d089c9d1d672ee57e7d76c50a0cb1bdefc13480e6c797960e0e98b6fd62b193422beb03
SSDEEP

384:daS7d1d93sYve3yufF6sEkF2q/q6ZsD+/oxXhEadYts:0S7XOyKKK2qC6kXhELe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4886e13f303e0aa0e70955924f0e3f18_JaffaCakes118

Files

4886e13f303e0aa0e70955924f0e3f18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e52bac3407cd40edcfff5e784ac77785

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
CreateFileMappingW
VirtualAlloc
DisableThreadLibraryCalls
FreeConsole

d3d8

ValidatePixelShader
ValidateVertexShader

tapi32

phoneConfigDialogA
phoneSetData

user32

GetWindow
LoadMenuIndirectW

Exports

Exports

IsScmexfl
ReadXkednwllykq

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ