1b46bf46ad0e62c9e2bb6d94e350383e_JaffaCakes118 | Triage

Sharing

General

Target

1b46bf46ad0e62c9e2bb6d94e350383e_JaffaCakes118
Size

123KB
MD5

1b46bf46ad0e62c9e2bb6d94e350383e
SHA1

d2c5cada9b00d4978d20ffdd2baacf53d91e5cd4
SHA256

1ca1093c9c30c086f29fe1f2d4f287ec6937e4d91370cce06110aafad8ead386
SHA512

43f6c989683e2ad574929e2b40e73787f0f55c78c5acdb96c88507e7094f10af12afa04f01a7b6d127177f9e4fc8e40bff801b766975553d6033c9a6649b5445
SSDEEP

3072:Tle8GnCaQEkxFOz3cweP5PFgoeXzhdKq8XD8pU:o3CxFOz3cwm5PBeDmXYpU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b46bf46ad0e62c9e2bb6d94e350383e_JaffaCakes118

Files

1b46bf46ad0e62c9e2bb6d94e350383e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e0eabd8a9eb9bf497b0246cfc8b4787c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessPriorityBoost
GetProcessShutdownParameters
GetGeoInfoA
GetCommandLineW
VirtualAllocEx
VirtualFreeEx
GetLocaleInfoA

odbc32

SQLDescribeParam
SQLBindParameter

glu32

gluTessEndContour
gluTessBeginContour

user32

LoadStringA
LoadBitmapA

Exports

Exports

Qlicexb
Qumwaotsttb
Uydugxgwdg
Wbjkowmjy
IsMpypgklxsq
Obvjriwnsx
ReadPfxscqyoxt
InitIebbjkrqcn

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 41KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ