261b76adcf2f319df13d128cdcafaed6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

261b76adcf2f319df13d128cdcafaed6_JaffaCakes118
Size

61KB
MD5

261b76adcf2f319df13d128cdcafaed6
SHA1

4486fb6c425ffeec06d8b9bc6f49fe7a2ea7fb5b
SHA256

dedc0607592d7559e2804cf65b6e4a0c75d5f62545fea89ea419468a10e14423
SHA512

07da7bf0631d26b68757136d9050d5871b0e9d3338e6fae3b2145416d687f5bd4bfc6acbe24c093e992fe10a89a8d3983504b1751523ab9f915233a1e32dd1c4
SSDEEP

1536:41wafgYLJGbtnlfH2L8I84nE4mP54odBYaa2ZltA15AbhE/d:41RINxnlfw8eE4muoP/lomty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261b76adcf2f319df13d128cdcafaed6_JaffaCakes118

Files

261b76adcf2f319df13d128cdcafaed6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

452dacdc721db4872fb52ec07abc652c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetModuleFileNameA
LoadLibraryA
VirtualAllocEx

user32

GetCapture
GetDesktopWindow
ScrollWindow
ScreenToClient
SendMessageA
RemoveMenu
GetMenu

advapi32

RegDeleteKeyA
RegQueryInfoKeyA

gdi32

BitBlt
GetRgnBox
GetPaletteEntries
SetTextColor
SetBkColor
SetPixel
GetBkColor
GetBkMode
GetTextColor
SaveDC

Exports

Exports

_s5vrv@8
_TCK3R@8
_W4OK8emNeFZ@24
_rengnrPaT
_7DL4MZHT2bJcN
lbtiz59dYlIVnA@12
NM3N8X@24

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ