fa33a647605a2e17f16b74fc7122f42c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa33a647605a2e17f16b74fc7122f42c_JaffaCakes118
Size

94KB
MD5

fa33a647605a2e17f16b74fc7122f42c
SHA1

408cca949fb639b3cbe73c67127a55d7d3406803
SHA256

f6fb5b32c5a5677d40d6845e9bd67f5c6d49458cad9ba021dfadde11aa4387d6
SHA512

9df1fe3de48bb546a3df953fba1d4f7bf175e4357694af3853e2d50a151123426c5deef63d96c3646b6df7e03882ad3f398379ab9ebd938368c99c063405a1e2
SSDEEP

1536:YsBX1tjh1dpHTQ3ZAT7YPCalUd0nNjdXCDOOLHvMAcjXJIOMl:hXX3HTQ3iT7YPCaW+nNhXYLPMAKXJlMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa33a647605a2e17f16b74fc7122f42c_JaffaCakes118

Files

fa33a647605a2e17f16b74fc7122f42c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b9d1d12880854ee6b1707053728edf0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
DisableThreadLibraryCalls
DefineDosDeviceA
SetConsoleCtrlHandler
GetConsoleWindow

d3d8

ValidatePixelShader
ValidateVertexShader

tapi32

phoneSetHookSwitch
phoneConfigDialogA

dinput

DllCanUnloadNow

winspool.drv

AddFormA

Exports

Exports

WriteThauykerwm
Mptomfaqetw

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ