77412f53b5891d1202c18db0e126290b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77412f53b5891d1202c18db0e126290b_JaffaCakes118
Size

14KB
MD5

77412f53b5891d1202c18db0e126290b
SHA1

762a702a02886663084650e3cbb717185446aaf8
SHA256

863575cefa31836cc281803f15a4ac848a5616b6ea268503e3c97eb6579b5c43
SHA512

9649579864a32efa8b1bcd5c1aa6a2e2385683d5b012a1e156f7f75e3e091a7683a8cab642a0e20b332865d9e6962070f072f93ae61077c684428b4029619e52
SSDEEP

192:WEfbNdni7i/zvzf3UFWIt539RyoDpjp09KRBNBQ4x6yB8Z1PT9Od/cT:WEfZk7RFLtpyo30CiWonOh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77412f53b5891d1202c18db0e126290b_JaffaCakes118

Files

77412f53b5891d1202c18db0e126290b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ef59e23298033ae333a53fdf9be43ce4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
MoveFileExA
GetWindowsDirectoryA
GetTempFileNameA
GetTempPathA
CreateProcessA

user32

CreateDesktopA

msvcrt

fclose
fwrite
fopen
malloc
free
_initterm
_adjust_fdiv

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ