Static task: static1
Behavioral task: behavioral1
Sample: c91580ca5d6bdeb110d0f069358411ca_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: c91580ca5d6bdeb110d0f069358411ca_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c91580ca5d6bdeb110d0f069358411ca_JaffaCakes118
Size: 25KB
MD5: c91580ca5d6bdeb110d0f069358411ca
SHA1: 9c4be2d54bc1f306d30695472acd51fcdc996d7a
SHA256: a3928a1edeebc4fd7722c484ed43afc776bc57c5579d91e59332646aaed1502a
SHA512: 6f2a73a7bf916f6beb24c73382ed2c2e6197c2f47a2eb6ac28f94bb49c6c7c6930e80ffbb945fd4cb90319b452aaf1c9ec76af39e9be5e6a1eab36cea7773fc5
SSDEEP: 384:PuIiV+lwsonYpRp59b7168DR6raGABDdLt0Ig/t1pbFwu8S50+H:PuIqson4vbLpB1WIQtLnl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c91580ca5d6bdeb110d0f069358411ca_JaffaCakes118
Files
c91580ca5d6bdeb110d0f069358411ca_JaffaCakes118.exe windows:4 windows x86 arch:x86
0bf88cb47bd1a6ff963234439fe898bb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
GetConsoleAliasesLengthA
SetVolumeMountPointA
GetConsoleAliasesA
VirtualAlloc
GetConsoleAliasExesA
d3d9
Direct3DCreate9
dhcpcsvc
DhcpRemoveDNSRegistrations
user32
CloseWindow
GetTaskmanWindow
crypt32
CertSerializeCertificateStoreElement
odbc32
SQLExecute
SQLSetStmtAttr
Sections
.text Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 872B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ