4dfd69b5b769f0ea911ad14623ebff3f_JaffaCakes118

General

Target

4dfd69b5b769f0ea911ad14623ebff3f_JaffaCakes118
Size

100KB
MD5

4dfd69b5b769f0ea911ad14623ebff3f
SHA1

c5690663feb5f6eecdd1e6161c85485339bfba74
SHA256

85370162936c9172e9af95d6f9ca63189aae30b60838c1f6fdaef8d4e789e7e8
SHA512

0fe831cd5cc252dddc9a6580bf6570ac95861e80f64145defc6a5cf8dfad24d800f517341564b2ef64323bace2dbb49ce3998db4a5d2db63cdd35b1fa17fcce0
SSDEEP

1536:hb9QSUHtDX0A7wSBAGUt6ATB7q9Srax1mPzl4vypwUJUhJEBHKaPDjI:19QSotDhvy98yB7qFx1Wzl4vypeEnPg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dfd69b5b769f0ea911ad14623ebff3f_JaffaCakes118

Files

4dfd69b5b769f0ea911ad14623ebff3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

260df29fcc8f6f3e3e89e7177674a2bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_GetUnicodeRedirectionLayer@0
_MessageBox@16
_FormatMessage@28

sqlresld

SQLUIUnloadResourceDLL
SQLUILoadResourceDLL

kernel32

GetUserDefaultLCID
MultiByteToWideChar
GetLastError
LocalFree

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

msvcrt

exit
_initterm
__setusermatherr
__CxxFrameHandler
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
swprintf
_adjust_fdiv
_CxxThrowException
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_exit
_XcptFilter
__p___initenv
__getmainargs
__p__commode

oleaut32

SysFreeString
GetErrorInfo

sqlftwiz

_DoSQLFTWiz@16

semsfc

??BSString@@QBEPBGXZ
?LoadString@SString@@QAEHPAUHINSTANCE__@@I@Z
??1SString@@QAE@XZ
??0SString@@QAE@XZ

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qbvrgjz
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

260df29fcc8f6f3e3e89e7177674a2bf

Headers

File Characteristics

Imports

sqlunirl

sqlresld

kernel32

ole32

msvcrt

oleaut32

sqlftwiz

semsfc

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 148B

.rsrc Size: 76KB - Virtual size: 104KB

qbvrgjz Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 148B

.rsrc
Size: 76KB - Virtual size: 104KB

qbvrgjz
Size: - Virtual size: 4KB