5b307a29669c3712bdc93c8b648e4c51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b307a29669c3712bdc93c8b648e4c51_JaffaCakes118
Size

76KB
MD5

5b307a29669c3712bdc93c8b648e4c51
SHA1

3f3eee53a0b3c1e99e10b81a3996841a7ad53289
SHA256

644b02b128293a98177ff65c7f160f51812d07b1a9a21c2774271232cd3f3702
SHA512

d21cb1aff66282178f9e37982bae11af0a8b14823b7174fd95c1cca7f0a2e6007e17ed5311497b6e01813c3e76eed7623f0d198ac0e22a91c423d878d4a003b9
SSDEEP

768:fASl23vjoo01pNe+QJSwlgCd2goiQaCSIwwNJ2bFrVpIySciB9RUYN39l+uq4vPn:fA+5WzWCd2fXwwNJwF7IdnUw7vbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b307a29669c3712bdc93c8b648e4c51_JaffaCakes118

Files

5b307a29669c3712bdc93c8b648e4c51_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

?ExtractServices@@YAHPAD@Z
?InitSQLConnectOff@@YAHPAD@Z
InitSQLConnect
SQLAlloc
SQLClose
SQLExecute
SQLFree
SQLQuery
Uninstall

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ