b96b8457133823fb0022a00b82be5035_JaffaCakes118 | Triage

Sharing

General

Target

b96b8457133823fb0022a00b82be5035_JaffaCakes118
Size

90KB
MD5

b96b8457133823fb0022a00b82be5035
SHA1

1169ca45fa5b1c2c1151aa690c26ea6d5d25fd31
SHA256

2354b28e3f3b8fd7f359b095ad2c2c59419b0d620a00bc13dde89e6833abf21e
SHA512

0bec6867073283e0bdefae54fbf4d6acde5b1faba34b5e62b5a00ec31e266d51514409a4f1f9709e313dad99e48e7ce6d0713cae2c12e75b22e2a78f26ccf1ac
SSDEEP

1536:qnkgtoPkq92Bh9LiDQcgHW2IPYmBF75zXIiogy1I4GLPv8okIgZSav:qYsq9UDeDQcicFZXIio4zLsTICSav

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b96b8457133823fb0022a00b82be5035_JaffaCakes118

Files

b96b8457133823fb0022a00b82be5035_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e13658eb9e9964be94ec2bfcb3d32d08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetConsoleCtrlHandler
GetProcessHeap
GetConsoleWindow

user32

IsServerSideWindow
GetWindow

d3d8

ValidateVertexShader
ValidatePixelShader

tapi32

phoneConfigDialogA
phoneSetHookSwitch

dinput

DllCanUnloadNow

advapi32

GetAce

Exports

Exports

BeginFblbywfjahn
Mscxkqcexm

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE