09868a6a6639c44be0a49695a4b62075_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09868a6a6639c44be0a49695a4b62075_JaffaCakes118
Size

293KB
MD5

09868a6a6639c44be0a49695a4b62075
SHA1

4507228ab74dc15a9f12ea410a2008bf8988ebc0
SHA256

90a1170f108f29fefaa4a943997276db9d2c59bfd655ee72b584f457151d5a9f
SHA512

544fa42b365123f041860e2a093bab886103f8d4cfd7e49abe976d9e06f46b089e020d55bfff7c29d3b9746a5053d3f3fa84990a3454ad966dd6a01cb8588f60
SSDEEP

6144:+zLkZoXWoUwLaEt5H+7zM7+76gT9pyIOoPeLStqIUoyYmOSlyQZd3k:+zLkyWY7PivT3ySef1/x7l7ZVk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09868a6a6639c44be0a49695a4b62075_JaffaCakes118

Files

09868a6a6639c44be0a49695a4b62075_JaffaCakes118
.exe windows:4 windows x86 arch:x86

337097161956b98a65b2cd4b87bc6a69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

advapi32

OpenProcessToken

comctl32

CreateToolbarEx

odbc32

SQLFetch

user32

GetMenu

ws2_32

send

comdlg32

ChooseColorA

Sections

.ss
Size: - Virtual size: 13.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ss
Size: 284KB - Virtual size: 288KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE