f270db5f7baedc42d14ef24269002e3f_JaffaCakes118 | Triage

Sharing

General

Target

f270db5f7baedc42d14ef24269002e3f_JaffaCakes118
Size

304KB
MD5

f270db5f7baedc42d14ef24269002e3f
SHA1

6bda8899da0244b5e6af1457d4d0b6870bc33e6f
SHA256

f059929a572ea4779efe325bdcf649f0f535721a101e3faa6c7cfcd904ee3eab
SHA512

043a5e28005422b7e840b062f08882de6394470ada1bfb94502e9125142afdb14b6a5a45340f0673c067878aaacf53301beb954d464f9fb295af5c16f72bd97a
SSDEEP

6144:hD1PqteLZrtcpjjwGJVtPhXaMccErnEfPG3DYJ35KfRHPXNT06g:hxUcrwjwGJj1lHCEfmmURPX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f270db5f7baedc42d14ef24269002e3f_JaffaCakes118

Files

f270db5f7baedc42d14ef24269002e3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8300444c0c204f408943a10af663bb03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
GetThreadIOPendingFlag
WaitForDebugEvent
CreateSemaphoreA
GetSystemTime
WriteConsoleOutputCharacterA
CloseHandle
HeapFree
FindNextVolumeMountPointW
SetEndOfFile
ConnectNamedPipe
HeapSize
FreeEnvironmentStringsA
VirtualAlloc
GetPrivateProfileSectionNamesA
IsProcessorFeaturePresent
TlsGetValue
SetErrorMode
GetSystemWindowsDirectoryA
FindFirstChangeNotificationA
GetSystemWindowsDirectoryA
GetEnvironmentStringsA
GetSystemTimes
WritePrivateProfileSectionA
TlsAlloc
SetSystemTime
SetHandleCount
SetConsoleNumberOfCommandsA
GetDllDirectoryA
GetEnvironmentVariableA
GetThreadSelectorEntry
GlobalAlloc
FindNextFileA
OutputDebugStringA

odbc32

SQLSetEnvAttr

glu32

gluUnProject

Exports

Exports

Twqkswgdksp
EndBjjxfgbv
ReadXivkbjil

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ