2a81ab965fa14dc45489f1047874fc4f_JaffaCakes118 | Triage

Sharing

General

Target

2a81ab965fa14dc45489f1047874fc4f_JaffaCakes118
Size

379KB
MD5

2a81ab965fa14dc45489f1047874fc4f
SHA1

4187a4c5c85141d69147c3f917bb19fedefd9c1e
SHA256

1626b1c5dc64d48b3fe108b6a703115d4345043e4be1e867cdab1ad48507e1f0
SHA512

4bd443e095806c3b0c3040d6e825a8c8d248fc4adac1f8e07b5b6ac9b5b1f604e1ae4b4c3c0b702bf4fd6b5d2e81aea134926d0c9fa216b95720b78c1f4d469c
SSDEEP

6144:N52qOIetQxrck4sIHrhhjgfXPaLTmaohNj/GaEUSicwoieclC2vZETWLU3yfcsRN:vOI2Qik4sIHr0PyG5/dSicwoqC2BVLUe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a81ab965fa14dc45489f1047874fc4f_JaffaCakes118

Files

2a81ab965fa14dc45489f1047874fc4f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c2032835cf8c513ace81a70c8a98ad62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleW
OutputDebugStringA
GetStartupInfoA
GetTickCount
QueryPerformanceFrequency
RaiseException

user32

UnregisterClassA
DdeDisconnect

odbc32

SQLFreeHandle

advapi32

RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ