0bcf943f1d494b4f3153363d2afd0f30_JaffaCakes118

General

Target

0bcf943f1d494b4f3153363d2afd0f30_JaffaCakes118
Size

398KB
MD5

0bcf943f1d494b4f3153363d2afd0f30
SHA1

6baadc0e4879d6c4e9bc95a68194b22c25f9f4d7
SHA256

94e6b916571f4d7c9596e5cf94bae2aa416f25443b8d50b7ba884123ed9fe2e9
SHA512

65d5b9a1a68ef1042ec6a7d16cbf23604604bdf0432cd986cdcdf1d2d62a786ee3a8ee5b842c7556f06810f89a186bc110d407d0a0f16fa6fa0548ff1e29abb0
SSDEEP

6144:wwj7oQsgsvozVT3dvwDMWn9PeMI2ddad8Qr0sy+PMPmaLF9qsO+vgf3:VoQHsvGdvwHPwUad8QCnP/p9qO4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bcf943f1d494b4f3153363d2afd0f30_JaffaCakes118

Files

0bcf943f1d494b4f3153363d2afd0f30_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f813a1e713f50c24541c830551189468

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetProcAddress
OutputDebugStringA
OutputDebugStringW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
Sleep
DeleteFileW
GetModuleHandleW
GetLastError
FreeConsole
RemoveDirectoryW
SetFileAttributesW
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteCriticalSection
GetThreadLocale
InterlockedExchange
SetLastConsoleEventActive
GetVersionExW
InitializeCriticalSection
CancelWaitableTimer
GetCPInfoExA
MultiByteToWideChar
lstrlenA
CopyFileW
GetLocaleInfoA

user32

GetKeyState
BringWindowToTop
SendMessageW
GetMenuItemID
GetSubMenu
ModifyMenuW
SetRect
SystemParametersInfoW
DrawStateW
GetSysColor
LoadBitmapW
GetMenuItemCount
CopyRect
SetCursor
CheckMenuItem
GetDC
GetCapture
InflateRect
SetClassLongW
ReleaseDC
LoadCursorW
GetClientRect
GetWindowPlacement
InvalidateRect
GetSystemMetrics
UpdateWindow
EnableWindow
SetWindowRgn
ScreenToClient
DrawTextW
ShowWindow
IsWindow
ShowScrollBar
IsRectEmpty
FillRect
LoadImageW
ShowCursor
SetRectEmpty
DestroyIcon
GetTopWindow
GetParent
GetWindow
SetTimer
GetWindowRect
SetCapture
PostMessageW
KillTimer
GetFocus
TranslateMessage
LoadIconW
OffsetRect
LoadMenuW
EnableMenuItem
GetCursorPos
ReleaseCapture
IsWindowVisible
PtInRect

odbc32

SQLGetTypeInfoA

Sections

.text
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f813a1e713f50c24541c830551189468

Headers

File Characteristics

Imports

kernel32

user32

odbc32

Sections

.text Size: 255KB - Virtual size: 255KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 133KB - Virtual size: 449KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 255KB - Virtual size: 255KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 133KB - Virtual size: 449KB

.rsrc
Size: 6KB - Virtual size: 8KB