2a7dcec45fd73e0784fc59778baa0b55_JaffaCakes118 | Triage

Sharing

General

Target

2a7dcec45fd73e0784fc59778baa0b55_JaffaCakes118
Size

337KB
MD5

2a7dcec45fd73e0784fc59778baa0b55
SHA1

3bc4bfcd27e257989d61571b8f473e649bfa5a55
SHA256

b7b66081d3c0f0587bb8a6f51044e38a6b5dbbca5b2aa93f26ff9fc63342d1c2
SHA512

4bb8bc29ad61f701176cc050c6a28319536c79c7e2c0f3aa89e4d49fa820bee5512ac3589419fc0927a95a5a42bd06a6e30b6203970031f8dea54cf2d4e15e4e
SSDEEP

6144:KBgXI/2oxL7/w6H9NA/Q6yWzq6xiBifVr5D1xdIsID9PmZhO:aj/2o9Y6H4KiiMtr3xdHEks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a7dcec45fd73e0784fc59778baa0b55_JaffaCakes118

Files

2a7dcec45fd73e0784fc59778baa0b55_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e2632788e23031a558e617abc029348f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
LeaveCriticalSection
GetCurrentThreadId
OutputDebugStringW
FreeLibrary
GetStartupInfoA
GetTickCount
QueryPerformanceFrequency
IsDebuggerPresent
RaiseException

user32

CharNextW
UnregisterClassA
FindWindowA

odbc32

SQLFreeConnect

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExW

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 811KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ