85aced3b27f2bfa989bef973018ec49a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85aced3b27f2bfa989bef973018ec49a_JaffaCakes118
Size

219KB
MD5

85aced3b27f2bfa989bef973018ec49a
SHA1

0044b6ea2fd85cf3994bd4b245d6efb0fe1920bb
SHA256

563e91ec24c37ceef165028d5ceefbbb021791e855cb6f493c1b2943a2e58f68
SHA512

d5f82f85f5f60f1e498ff9f06b056b3b174584ec51ec48e89d2b4ca37aa16e9e106c7c726b32ed35de4a6541c2edcf43d41ed77aa012b2a7e2e4db71e46cfd1e
SSDEEP

6144:jF1mv1FDLwWZeMkmIBn2Sdgo7FGjPZ5ioV:R1M/UWsMB2nx3FGjPZ5J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85aced3b27f2bfa989bef973018ec49a_JaffaCakes118

Files

85aced3b27f2bfa989bef973018ec49a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

086953713e847f5b18e2b650cf953030

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
OutputDebugStringW
GetNativeSystemInfo
QueryPerformanceFrequency
RaiseException

user32

DdeDisconnect

advapi32

RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegSetValueExW
RegCloseKey

odbc32

SQLRowCount

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 643KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ