07f0928ef253cf89fc4246df0c0692ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07f0928ef253cf89fc4246df0c0692ed_JaffaCakes118
Size

62KB
MD5

07f0928ef253cf89fc4246df0c0692ed
SHA1

7a31482d5add684c7a2f8ff3161811ffcb90e8c1
SHA256

c4d77820deb170d1a9c7dda25bc7b21192c8b847d7255e93aa481bafa5d97a0c
SHA512

bdc44ce02326db3269324dcc16d72a91ef4cfcaf13c5d6ee12cf5d00a9bf34afa6a8bd426fcc536a612122016fdbf6c76a76e8b9ed7a0152b2432822216356f2
SSDEEP

768:Fb/oOb/oVAf4F60hMAxgQP8pYzs0PNsaA4vtPYk/Ijc4JkImDCXw/47em/H5hY7K:5INs34vdY+d4J0GXw/47phG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07f0928ef253cf89fc4246df0c0692ed_JaffaCakes118

Files

07f0928ef253cf89fc4246df0c0692ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c93b7bdb59e6ec21402cad5618683de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetCurrentProcessId
GetTempPathW
OpenProcess
RemoveDirectoryA
GetDateFormatW
lstrcmpi
CreateProcessA
VirtualAlloc
ReadProcessMemory
MoveFileExA
GetCommandLineW
WriteConsoleA
CopyFileW
LoadLibraryA
OpenSemaphoreA
CreateSemaphoreA
GetFileAttributesW
TlsGetValue
CompareStringA
FindFirstFileW
CreateEventW

odbctrac

TraceSQLFetch
TraceSQLConnect

dbnmpntw

ConnectionClose
ConnectionWrite

advapi32

RegOpenKeyW
RegSaveKeyA
RegUnLoadKeyW
RegCreateKeyExA
OpenServiceW
RegReplaceKeyW
RegDeleteValueA
GetUserNameA
RegEnumKeyW
OpenEventLogW
RegCloseKey
InitializeAcl
RegLoadKeyA
ReadEventLogW

eappcfg

EapHostPeerFreeMemory
EapHostPeerInvokeConfigUI
EapHostPeerConfigBlob2Xml

user32

InsertMenuW
SetWindowTextA
MessageBoxA
DefWindowProcW
CharToOemW
FindWindowA
DefDlgProcW
SetCursorPos
LoadCursorA
wsprintfW
IsDialogMessageA

Exports

Exports

uijq

Sections

.code
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.juk
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE