10f73f6b036fbeb3aa237f05e2c7efc3_JaffaCakes118 | Triage

Sharing

General

Target

10f73f6b036fbeb3aa237f05e2c7efc3_JaffaCakes118
Size

57KB
MD5

10f73f6b036fbeb3aa237f05e2c7efc3
SHA1

2427266c7feda0d9eb4470508cc878b19523e3a9
SHA256

3cb91a549f75b2ef04fd4c8dd06d6af0d9d175484ef9044be22a3290587a55e1
SHA512

3a2ebbd6d83ee1599a654968c34cbd65316f49c12cfb9df56cd8c3410d15ecf66267bdd52017afe3afdfbca026fd2db5e266c0dd7efde386b92004b915442db5
SSDEEP

1536:6vEqOQRjPhPCW2Q7ebWgSLzZj0vEU0Pze40sNJT/:6vEqRdC87e7SLzVvPz70sN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10f73f6b036fbeb3aa237f05e2c7efc3_JaffaCakes118

Files

10f73f6b036fbeb3aa237f05e2c7efc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec5897ad7fc5f88cb321dbf634c7447c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetModuleHandleA
GetProcessHeap
Sleep
lstrcmpiA
SuspendThread
GetDriveTypeA
FileTimeToLocalFileTime
GetModuleFileNameA
lstrcmpiA
EndUpdateResourceW
GetBinaryTypeW
lstrcmpiA
GetExitCodeProcess
GetLogicalDrives
SetLastError
lstrcmpiA
GetStdHandle
lstrlenA
lstrcmpiA
CreateNamedPipeA
CreateWaitableTimerW
IsValidCodePage

odbctrac

TraceSQLError
TraceSQLConnect
TraceSQLCancel
TraceVersion

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xml
Size: 1024B - Virtual size: 631B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE