ab26b731706e767290eec6a209084ec0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab26b731706e767290eec6a209084ec0_JaffaCakes118
Size

378KB
MD5

ab26b731706e767290eec6a209084ec0
SHA1

6a790faf3b7038672cfdeaf5a0fa23fbdc300bbd
SHA256

2c826792e221f7112a3d7bd27eb9e778d1efb1350baaad74f60febb2954165f5
SHA512

7dafe16069d1ed974197e91e5ffa5a01641c39f3d36f63d7786b6db0128be6102615dda215ccc0cd6fc6346203a745b1e49fe43cd8702033d8eeee4c87a3c904
SSDEEP

6144:vcOb1sRUIQMZdj+MzdvKOVwf/4Jbfi+gTwaK+RczbIHvHTj1+IB/6:Tpselm7+f/QfKcPId+It

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab26b731706e767290eec6a209084ec0_JaffaCakes118

Files

ab26b731706e767290eec6a209084ec0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

50eeeeddde300914f2e7fa95b9bc05a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
OutputDebugStringW
GetNativeSystemInfo
QueryPerformanceFrequency
DisconnectNamedPipe

user32

DdeDisconnect

advapi32

RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegSetValueExW
RegCloseKey

odbc32

SQLBulkOperations

Sections

.text
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ