34629d38db45a5ef7429695830705ed7_JaffaCakes118

General

Target

34629d38db45a5ef7429695830705ed7_JaffaCakes118
Size

296KB
MD5

34629d38db45a5ef7429695830705ed7
SHA1

65762071fa376350e8c38c3393b1c20a8ab2535d
SHA256

5b86e1ce6fc257faaa653a9f3b33cae76aa891ecdd596cabfb61cd73153aef64
SHA512

891b341f048b94b4b04f18bc17779a9a8fdb35f024adbb21a695861783f4d5e5d4cd8b2ba0c7e7c7b4013853734aae11e793e535159791b1d581e2e1a6969262
SSDEEP

6144:DgCVLUOwJx3f0vWeCv3ERqPb/xrZQeBRVZEFCVSIhqaITN8gfXByl:0CpUOk3f6WTv3EUbZrZF9ZkIh2JnRy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34629d38db45a5ef7429695830705ed7_JaffaCakes118

Files

34629d38db45a5ef7429695830705ed7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f4b97a14b1c9108c099ae5b5d6134be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCursorMode
SystemTimeToTzSpecificLocalTime
GetCurrentThreadId
WritePrivateProfileStructW
GetComputerNameExA
SetTapeParameters
GetWindowsDirectoryA
GetVersionExA
IsProcessorFeaturePresent
GetLogicalDrives
FreeEnvironmentStringsA
GetComputerNameExA
EnumTimeFormatsA
GetTickCount
GetPrivateProfileStringA
SetConsoleInputExeNameA
SetHandleContext
GetDefaultCommConfigA
TlsFree
OpenSemaphoreA
GetSystemDirectoryA
GetCommState
GetThreadContext
VirtualAllocEx
GetConsoleCP
EndUpdateResourceA
SetErrorMode
GetCurrentProcessId
TerminateProcess
ChangeTimerQueueTimer
IsBadCodePtr
CopyFileExW
GetComputerNameA
WriteConsoleOutputA
SetHandleInformation
ReadFileScatter
ReplaceFileA
DeleteAtom
LockResource
GetPrivateProfileStructA
FindFirstChangeNotificationA
GetStartupInfoA
GetFileAttributesExA
WaitForSingleObject
SetThreadPriorityBoost
GetExpandedNameA
RemoveDirectoryA
ReleaseSemaphore
LoadLibraryA
FindFirstFileExA
GetConsoleCommandHistoryLengthA
WriteConsoleOutputCharacterA
Module32First

odbc32

SQLBindCol

Sections

.text
Size: 12KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f4b97a14b1c9108c099ae5b5d6134be

Headers

File Characteristics

Imports

kernel32

odbc32

Sections

.text Size: 12KB - Virtual size: 214KB

.rdata Size: 4KB - Virtual size: 2KB

.rsrc Size: 276KB - Virtual size: 275KB

.text
Size: 12KB - Virtual size: 214KB

.rdata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 276KB - Virtual size: 275KB