Static task
static1
Behavioral task
behavioral1
Sample
dc5c07f7febcea158adaa903a84c5211_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dc5c07f7febcea158adaa903a84c5211_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
dc5c07f7febcea158adaa903a84c5211_JaffaCakes118
Size
73KB
MD5
dc5c07f7febcea158adaa903a84c5211
SHA1
67df1e09a3db29a871e426a5a5a376ffe814edb7
SHA256
81d2f9582fea9f2635fcc77b1d9ddd9f0e02d5cad6fbb93d59269ac31f63aa60
SHA512
484a32e61f9cbb81f001930ab42040cd4c2cd509a21f181ba74b2304e8aae77365ff63f44103c7f648e454e3e5d28efeebdde6282965ab74a5821c5f438bf2ae
SSDEEP
1536:Lq5cT7o09DLMHnbMzv8LLyIkiW75SbMI0Jtvk7TxR3lX/6QXZ:L7T7NCQQLLyZiO50MImpA91lv6Qp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dc5c07f7febcea158adaa903a84c5211_JaffaCakes118
Files
dc5c07f7febcea158adaa903a84c5211_JaffaCakes118.exe windows:4 windows x86 arch:x86
8cfc07bd8de108f3bc12879b302d6c86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeFormatW
GetVersionExA
HeapAlloc
HeapCreate
SetLastError
WaitForMultipleObjects
user32
FillRect
GetUpdateRgn
DefDlgProcA
msi
MsiRecordSetStringW
MsiRecordGetInteger
MsiProcessAdvertiseScriptA
MsiCollectUserInfoA
MsiGetProductCodeA
oleacc
GetOleaccVersionInfo
GetRoleTextW
oledlg
OleUICanConvertOrActivateAs
OleUIBusyW
OleUIAddVerbMenuA
odbc32
SQLTablePrivilegesA
SQLProceduresA
SQLNativeSqlA
SQLExtendedFetch
Sections
.text Size: 42KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ