77cb83b16b42d153b732faf29a4cf212_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77cb83b16b42d153b732faf29a4cf212_JaffaCakes118
Size

94KB
MD5

77cb83b16b42d153b732faf29a4cf212
SHA1

197f5aed7b606bec01ad6326bc2c39dd1d328dcd
SHA256

a13ff94e31fe187e08c236166962c71af9a4f4331c746e1860bdab5facc78b4d
SHA512

ecebcaf3302d9eb363fec03033c92718b24ad1c0371d37b1a80a38c3abd896c6071dc7de316fd66e936178224298b135823367d6ce190a72b10d124c2cc60670
SSDEEP

1536:4KOfLa2yqChYarff/EOmyImAuKJtPD/kYMgb15UOeH/VCK88GKckeHePcznTq:ufLJkO4X/EvyI/TJtPD/hbHUOefVzJqS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77cb83b16b42d153b732faf29a4cf212_JaffaCakes118

Files

77cb83b16b42d153b732faf29a4cf212_JaffaCakes118
.exe windows:5 windows x86 arch:x86

79e6d65098dcf7d2dc09701eadbe9ff4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputW
LoadLibraryA
VirtualAlloc
AssignProcessToJobObject
GetProcessHeap
CreateNamedPipeA
GetStringTypeW
GetEnvironmentVariableA
AttachConsole
HeapAlloc
GetProcAddress

user32

CallMsgFilter
RedrawWindow
MapVirtualKeyW

gdi32

CombineTransform

advapi32

GetServiceDisplayNameA
IsWellKnownSid

Exports

Exports

miawsueaodzze
otzrpzpyuncwyn
tdgxbfmesoq

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 835B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ