03907bd3407597b904adcd1460552d28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03907bd3407597b904adcd1460552d28_JaffaCakes118
Size

1.1MB
MD5

03907bd3407597b904adcd1460552d28
SHA1

4e2ae3036f6d464a8e0952c7b92c06792f4d1b61
SHA256

d5d34881ea68237a187ec59b90a70bf4a7b5ebf59875757461afe110f59a2219
SHA512

0cc2cf50278f5caa22a84bf824b6995df6ed7c24fce74e240228e37b5329772a7054d621c0226e89329f3eac8a7680af79f69e226b17311f1212fc8ff0133d3f
SSDEEP

24576:BteEJoYPfVBQP1E9fwHrtRBfYhqDAx23Ha/FMiD+hc:Bt5JXfPjIHxRBfMyG2+FMiD+hc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03907bd3407597b904adcd1460552d28_JaffaCakes118

Files

03907bd3407597b904adcd1460552d28_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GenerateSQL
GetQuerySQLFromConfigXMLText

Sections

Size: 1.0MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE