01ef7d0674deeb3f506a474926f110f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01ef7d0674deeb3f506a474926f110f5_JaffaCakes118
Size

61KB
MD5

01ef7d0674deeb3f506a474926f110f5
SHA1

595618d589e7e657c717ddf5d3c7f17161a97dec
SHA256

e1e5dd2a971edd37dc35c4c8a93b5e722e4f16499f4a26c75f6a6ade8e26280d
SHA512

5a87a74b1f78a24107e9a1d3f98d181f0277523fe2c7339076dca65c64a61d2dd5b308ac319ad81a473a13e48051cff0e4fe4af05479b7c4ef9127260f86d56e
SSDEEP

1536:41wafgYLJGbtnlfH2L8I84nE4mP54odBYaa2ZltA15AbhE/L:41RINxnlfw8eE4muoP/lomt8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01ef7d0674deeb3f506a474926f110f5_JaffaCakes118

Files

01ef7d0674deeb3f506a474926f110f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

452dacdc721db4872fb52ec07abc652c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetModuleFileNameA
LoadLibraryA
VirtualAllocEx

user32

GetCapture
GetDesktopWindow
ScrollWindow
ScreenToClient
SendMessageA
RemoveMenu
GetMenu

advapi32

RegDeleteKeyA
RegQueryInfoKeyA

gdi32

BitBlt
GetRgnBox
GetPaletteEntries
SetTextColor
SetBkColor
SetPixel
GetBkColor
GetBkMode
GetTextColor
SaveDC

Exports

Exports

_s5vrv@8
_TCK3R@8
_W4OK8emNeFZ@24
_rengnrPaT
_7DL4MZHT2bJcN
lbtiz59dYlIVnA@12
NM3N8X@24

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ