5f87267069c9f97e9f6c2b2902ea1201_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f87267069c9f97e9f6c2b2902ea1201_JaffaCakes118
Size

88KB
MD5

5f87267069c9f97e9f6c2b2902ea1201
SHA1

b629dd0b5f28e9db611ed69a42c0ddb58dd1c87a
SHA256

2c344dfe1d2d2497e11c60446f4701feae584c5906ec4feb9ad317b0bfa6502b
SHA512

15cb653ed39683305b1a676f19761b2a3d4f81ecfb381af76d068eb2aa9ef7b16e896195d573ae798f68ae974c9507fa9c11d8259e9763a5ee31e5419994216e
SSDEEP

1536:bc67YjDz6c0MNA5As5+NIFwO32tG88HhxGSXsYXSnFt:F0n/0MjeM+3vjGyMnFt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f87267069c9f97e9f6c2b2902ea1201_JaffaCakes118

Files

5f87267069c9f97e9f6c2b2902ea1201_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acfc737588fdec8fa45a8ac2c6f3f25a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GenerateConsoleCtrlEvent
GetConsoleWindow
VirtualAlloc

user32

GetWindow
OemKeyScan

d3d8

ValidatePixelShader
ValidateVertexShader

tapi32

phoneSetHookSwitch
phoneConfigDialogA

Exports

Exports

Nbgwswlah
EndLsrtlkbn

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zacfozr
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE