045b1fbbf5463ae16959a85ebf173d11_JaffaCakes118

General

Target

045b1fbbf5463ae16959a85ebf173d11_JaffaCakes118
Size

107KB
MD5

045b1fbbf5463ae16959a85ebf173d11
SHA1

a6d35327837185a6e2f77230006236c68bbf4d7a
SHA256

0b6bd6dbd74117ce41d96712e6f309bd9809732517b6320c8370e0e9434e7e98
SHA512

85a27bbc0b696d1375c39afcbcc7435231f2fcc9a7a8191ace985da94c08d9bb3b293d92d1467cf2ca7fa6d969dd40936b299f93ca387900f547b2fa71e017fd
SSDEEP

1536:ZRvhZs8uLO63Cilm94/Dn1ehd5Z33cVPL+Klns8E1jrEE:TZduLro9qwhJ3wL+Kzmr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
045b1fbbf5463ae16959a85ebf173d11_JaffaCakes118

Files

045b1fbbf5463ae16959a85ebf173d11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f206d4125e312e47a0be93bce2bd0d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

clbcatq

SetSetupSave

netapi32

NetReplExportDirLock
NetReplExportDirSetInfo
NetReplExportDirUnlock
NetReplGetInfo
NetReplImportDirAdd
NetReplImportDirDel
NetReplImportDirEnum
NetReplImportDirGetInfo
NetReplImportDirLock
NetReplImportDirUnlock
NetReplSetInfo
NetScheduleJobAdd
NetScheduleJobDel
NetScheduleJobEnum
NetScheduleJobGetInfo
NetServerComputerNameAdd
NetServerComputerNameDel
NetServerDiskEnum
NetServerEnum
NetServerEnumEx
NetServerGetInfo
NetServerSetInfo
NetServerTransportAdd
NetServerTransportAddEx
NetServerTransportDel
NetServerTransportEnum
NetServiceControl
NetServiceEnum
NetServiceGetInfo
NetServiceInstall
NetSessionDel

kernel32

GetLastError
CreateFileA
GetWindowsDirectoryA
GetTickCount
OutputDebugStringW
AllocConsole
IsBadCodePtr
HeapSetInformation
CreateRemoteThread
QueryDosDeviceW
_lread

odbc32

CloseODBCPerfData
CollectODBCPerfData
CursorLibLockDbc
CursorLibLockDesc
CursorLibLockStmt
CursorLibTransact
DllBidEntryPoint
GetODBCSharedData
LockHandle
SQLAllocHandle
SQLAllocHandleStd
SQLAllocStmt
SQLAllocConnect

comctl32

AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW
AddMRUStringW

Sections

.text
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f206d4125e312e47a0be93bce2bd0d8

Headers

File Characteristics

Imports

clbcatq

netapi32

kernel32

odbc32

comctl32

Sections

.text Size: 31KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 19KB

.rsrc Size: 51KB - Virtual size: 52KB

.text
Size: 31KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 19KB

.rsrc
Size: 51KB - Virtual size: 52KB