3855d6695845027ac468f8b7b246b41e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3855d6695845027ac468f8b7b246b41e_JaffaCakes118
Size

377KB
MD5

3855d6695845027ac468f8b7b246b41e
SHA1

b5b352c9f27e4629049df8061d8bd87e7792e6eb
SHA256

1df69892d41977090deca615254ca7b85d4031ff009fcbd6324dc63282561f73
SHA512

9d68247dd07292dcdf10c1f6f2df53f7f4ecee8bfc5de9deb25282fdaa701a33a7c2cb42576b39602f0773a3e3ca432fcc07c5ba61b8e9976fc4002ed1b9c2e1
SSDEEP

6144:XObOvsSkEus4hrR8x+BuRC+aChHc+FLWq3fTZ/qvPj0l+hX3lUEQeFWf3ge8hRfb:+wsSR+W+Bx+1NcQLXF/qv8+l3l3Fheaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3855d6695845027ac468f8b7b246b41e_JaffaCakes118

Files

3855d6695845027ac468f8b7b246b41e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

037690652f86ff6f033755d6dcbd9342

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleW
OutputDebugStringW
GetStartupInfoA
GetTickCount
QueryPerformanceFrequency
RaiseException

user32

DdeDisconnect

advapi32

RegOpenKeyExA
RegQueryValueExA

odbc32

SQLFreeHandle

Sections

.text
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ