2873b05a38e3f4eddd958499087a8d25_JaffaCakes118

General

Target

2873b05a38e3f4eddd958499087a8d25_JaffaCakes118
Size

104KB
MD5

2873b05a38e3f4eddd958499087a8d25
SHA1

2fee224d732bcafaf585ed0fe4c64e445e836ba4
SHA256

b8455bde4bd023527176add1aeda397863ed4c024b10edc0e370feb980fea6a6
SHA512

9f7a7243d24edac91d582a7b006f90ad396e45c0d29bd83ba2a877b3c66ca7311ba2ed8b8bf8ebea2f98759cca229091f2fdc1d0dcfdfb464a67276de394f179
SSDEEP

1536:K6Z9WkVEyJHyc1IJ5yTeipvokO2IEdOUGJc5W6ZpgLtOtNk7lQv:K6bWkeKo2ecnO2fdOUwc5W60LtO3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2873b05a38e3f4eddd958499087a8d25_JaffaCakes118

Files

2873b05a38e3f4eddd958499087a8d25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5928b74d9eac7158c9f5f54ccb68c79e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SQLConnect
PostComponentError
SQLSetConnectOption
SQLDescribeCol
SQLGetTypeInfoA
SQLTablesA
PostODBCError
PostODBCComponentError
CursorLibTransact
SQLFetch
SQLStatisticsA
SQLDriverConnectA
SQLGetDescField
SQLSetEnvAttr
SQLDescribeParam
OpenODBCPerfData
SQLPutData
SQLAllocHandleStd
SQLGetStmtAttrA
SQLGetStmtAttr
SQLCopyDesc
SQLProcedureColumnsA
SQLForeignKeys
SQLColumnPrivilegesA
SQLSetDescFieldA
SQLExecute
SQLColumnPrivileges
SQLColAttribute
SQLAllocHandle
SQLGetConnectAttrA
SQLColAttributeA
SQLGetConnectOptionA
VRetrieveDriverErrorsRowCol
SQLSetPos
SQLTablePrivileges
SQLTransact
SQLExecDirect

advpack

CloseINFEngine
UserUnInstStubWrapper
FileSaveMarkNotExist
DelNode
RegSaveRestoreOnINF
LaunchINFSection
RegSaveRestore
FileSaveRestore
ExecuteCab
RegInstall
DoInfInstall

kernel32

InitializeCriticalSection
ConnectNamedPipe
CreateFileA
HeapCreate
GetVersionExA
GetCurrentThreadId
HeapFree
CloseHandle
GetLastError
PeekNamedPipe
WaitForMultipleObjects
HeapAlloc
SetEvent
FileTimeToDosDateTime
CreateEventA
lstrcpynA
VirtualAlloc
VirtualFree
HeapDestroy
GetFileTime
GetStringTypeExA
OpenEventA
InterlockedPopEntrySList
SetFilePointer
EnterCriticalSection
InterlockedPushEntrySList
CreateNamedPipeA
GetSystemTime
FileTimeToSystemTime
ReadFile
lstrlenA

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5928b74d9eac7158c9f5f54ccb68c79e

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

advpack

kernel32

Sections

.text Size: 61KB - Virtual size: 61KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 34KB - Virtual size: 36KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 61KB - Virtual size: 61KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 34KB - Virtual size: 36KB

.reloc
Size: 512B - Virtual size: 4KB