a5079d2183bdf000710a2f4edcfdf3f8_JaffaCakes118 | Triage

Sharing

General

Target

a5079d2183bdf000710a2f4edcfdf3f8_JaffaCakes118
Size

339KB
MD5

a5079d2183bdf000710a2f4edcfdf3f8
SHA1

30b0878b0285627b19213857764b15e0fc93ac62
SHA256

34b6799f07c656918d96639d13b299b26ee7b592629d217438eff8b4b277d1fb
SHA512

9f4adcafb379c4a9020f3e8fc00f532913f99e47429c512b3787bd4fbba67bbb3335ffd31a475c98e833d169681798f4d1594b01c22ee594e965a5b0ecb36872
SSDEEP

3072:XT0d08AmyS59HEjD7sgFX7VdlT+FwKd7Z6EOJRY/nddAAWJZSoB+TrV6dDz6uQBe:jW559ybrVnqoc1WJZSo48d6vBraCrs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5079d2183bdf000710a2f4edcfdf3f8_JaffaCakes118

Files

a5079d2183bdf000710a2f4edcfdf3f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eda46cc30da9af6a3aaa56cc4860660a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetTempFileNameA
GetProcAddress
OpenJobObjectW
FormatMessageW
ReadConsoleA
LoadLibraryExW
OpenFileMappingW
IsBadReadPtr
FindResourceExW
IsBadStringPtrW
SetLastError
CreateFileW
CreateJobObjectA
GlobalAddAtomA
LoadLibraryA
GetConsoleTitleA
GetPrivateProfileStringW
SleepEx
CreateJobObjectA
FileTimeToLocalFileTime

user32

FindWindowA
GetPropA
PostMessageW
wsprintfA
CreateWindowExA
CharToOemA
DispatchMessageW
LoadIconA
DrawStateA
GetMessageA
DialogBoxParamA
MessageBoxA

odbctrac

TraceSQLCancel
TraceSQLFetch
TraceSQLBindCol
TraceSQLConnect
TraceSQLError

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE