33999a1b10f89d3369280823b66cffd6_JaffaCakes118 | Triage

Sharing

General

Target

33999a1b10f89d3369280823b66cffd6_JaffaCakes118
Size

104KB
MD5

33999a1b10f89d3369280823b66cffd6
SHA1

d3c8eee9b4109641255f010f1c764328721ed3af
SHA256

53b2cbef122b7a360dba7644886dfad4f040ed2ebf094fe87043b3c65b0bcbee
SHA512

b1b7962568be35d3fb6f6e2eb2c7b71fd6d5e37d70ddabc6d09d9ac54ab480f2ac7d4278ab874b734dbe8e51170a5a06a2c81edbc153f6a1fba9cfbb6d8b9574
SSDEEP

1536:gJpyOE1C90AdDNo75J84L67uKPYgat85tEKcyc2VDcm06tqfVXhwwA9tWLe:myl1uH67T8P7Qga3KcyjbHCg92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33999a1b10f89d3369280823b66cffd6_JaffaCakes118

Files

33999a1b10f89d3369280823b66cffd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc6e3c438e6d60990a7c9549f8eb9aa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_DeleteFile@4

autowiz

DoAutoPilotWithTracefile
DoAutoPilotWizard

pfutil80

??1CSharedMemory@@UAE@XZ
?MeFirst@CSharedMemory@@QAEHXZ
??0CSharedMemory@@QAE@IPBG@Z
?Lock@CSharedMemory@@QAEHXZ
?Unlock@CSharedMemory@@QAEHXZ

msvcrt

?terminate@@YAXXZ
exit
_wcmdln
_XcptFilter
memset
__CxxFrameHandler
??3@YAXPAX@Z
memcpy
??2@YAPAXI@Z
wcscpy
wcschr
_except_handler3
_exit
_adjust_fdiv
__setusermatherr
__wgetmainargs
_initterm
_controlfp
__p__commode
__p__fmode
__set_app_type

kernel32

GetStartupInfoW
GetModuleHandleW

Exports

Exports

??0CSharedMemory@@QAE@ABV0@@Z
??4CSharedMemory@@QAEAAV0@ABV0@@Z
??_7CSharedMemory@@6B@

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�/"D�
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE