745326cb877a2508579a8e05079291e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

745326cb877a2508579a8e05079291e3_JaffaCakes118
Size

90KB
MD5

745326cb877a2508579a8e05079291e3
SHA1

443959f9ba545fee91f7e2853c840edbe0139438
SHA256

dfd42988e0937491f0135855f85ab029b10ad6e8a17f86b2850b0ce46f01fcc9
SHA512

f73555d6a859866927a6477ae6602d7fa0ebf3bfb74a2da47df048fcad17c4848d6c994bef6d39cdfe8396a76dfa5cb2bf0cc6c3ce796e6fb18bd6f9ee83dcda
SSDEEP

1536:0nkgtoPkq92Bh9LiDQcgHW2IPYmBF75zXIiogy1I4GLPv8okIgZSav:0Ysq9UDeDQcicFZXIio4zLsTICSav

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
745326cb877a2508579a8e05079291e3_JaffaCakes118

Files

745326cb877a2508579a8e05079291e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e13658eb9e9964be94ec2bfcb3d32d08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetConsoleCtrlHandler
GetProcessHeap
GetConsoleWindow

user32

IsServerSideWindow
GetWindow

d3d8

ValidateVertexShader
ValidatePixelShader

tapi32

phoneConfigDialogA
phoneSetHookSwitch

dinput

DllCanUnloadNow

advapi32

GetAce

Exports

Exports

BeginFblbywfjahn
Mscxkqcexm

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE