297c8d90de01e0c05fecc5775c708372_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

297c8d90de01e0c05fecc5775c708372_JaffaCakes118
Size

64KB
MD5

297c8d90de01e0c05fecc5775c708372
SHA1

c0bf78f0938b59852245b5dec4ed207e6ad1b9f0
SHA256

9e68cb3b287e81e297e9241dac854f2c76e52bc0da04960820d583831ba6dbad
SHA512

972ccf66e4ac08eb1ab93d18891e9a5a699f9e98a4f885235ea28f8c9436947c3d4bb45ec3e2aac8251bdfdf04917ebc8ba611df32f836a37e9f3d30c53829c9
SSDEEP

1536:q2dQSYF/dZPUZH0xjDM0h9urH3rHhEnyJSPmFTcmJ:ndQ3zU+hK7HhbJSPmTcw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
297c8d90de01e0c05fecc5775c708372_JaffaCakes118

Files

297c8d90de01e0c05fecc5775c708372_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19726e17107bbf8240e53a333d5897eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDevicePowerState
GetDiskFreeSpaceA
GetLogicalDriveStringsA
OpenWaitableTimerA
GetDriveTypeA
lstrcmpA
SetCurrentDirectoryA
GetProfileSectionA
UnlockFileEx
IsValidLanguageGroup
FreeConsole
SetHandleContext
WriteProfileStringA
GetVolumePathNameA
VirtualAllocEx
lstrcatA

dhcpcsvc

DhcpUndoRequestParams

odbc32

SQLCancel

crypt32

CertFreeCRLContext

user32

GetDCEx
CallMsgFilter
GetKeyboardType
ArrangeIconicWindows
DrawTextA
InSendMessage
UnionRect
DestroyIcon
EnableWindow
CreateWindowExA
DeleteMenu
ChangeDisplaySettingsExW

advapi32

GetAce
AddAce

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ