4159865d944419346cee03ba26bc7c84_JaffaCakes118 | Triage

Sharing

General

Target

4159865d944419346cee03ba26bc7c84_JaffaCakes118
Size

1.7MB
MD5

4159865d944419346cee03ba26bc7c84
SHA1

1261ec74742449635b435c9bf074f085bd94146c
SHA256

75f0493024307ec558ea18645d9f4e6394beac3e1f6386bc2e1aa664c32367d0
SHA512

00e681deb2d87e1a713c6dda551a4295d949c2ce2789f094abe6e3b023aa6da48643d5cd9ba7361562c0641e82d18e56a8f7d47a68d06a19d40a72f6aaaada33
SSDEEP

49152:oyvZztmu7D+l8UNH5jEyvyw4jJ6lvwqXUur1:oymu7CGA9Z4jwlISL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/屏幕监控/屏幕监控.exe

Files

4159865d944419346cee03ba26bc7c84_JaffaCakes118
.rar
屏幕监控/屏幕监控.exe
.exe windows:5 windows x86 arch:x86

6a9e3895f1a04aa6fd95b852622faada

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32 kernel32

CreateCompatibleBitmap �R+

Sections

.text
Size: 1.2MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

light
Size: 756KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

light
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

light
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

light
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
屏幕监控/注意事项!.txt