af63aed1a50a72dfc08919536b59eb18_JaffaCakes118

General

Target

af63aed1a50a72dfc08919536b59eb18_JaffaCakes118
Size

217KB
MD5

af63aed1a50a72dfc08919536b59eb18
SHA1

6fbcfa8f4619ee2afa0119d928463149a0f3b8ce
SHA256

b10e12abbd917c9676cc7087d61eb9eaf53c3602f39670ac5de0bdc1a8c57b6a
SHA512

0e669868176f5ea96e6a289dc97aa1948ce3441b2cf47d22776454fef41b7b9ea3827e391cca1f35ee4e4a11afefffb278a15734cedf094f5a8c80423141b124
SSDEEP

6144:mNnBa6srlaL+/0nDlxgcj8JEwZB9JSOi:MyrgL+/0DlxgcjaVU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af63aed1a50a72dfc08919536b59eb18_JaffaCakes118

Files

af63aed1a50a72dfc08919536b59eb18_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f813a1e713f50c24541c830551189468

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetProcAddress
OutputDebugStringA
OutputDebugStringW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
Sleep
DeleteFileW
GetModuleHandleW
GetLastError
FreeConsole
RemoveDirectoryW
SetFileAttributesW
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteCriticalSection
GetThreadLocale
InterlockedExchange
SetLastConsoleEventActive
GetVersionExW
InitializeCriticalSection
CancelWaitableTimer
GetCPInfoExA
MultiByteToWideChar
lstrlenA
CopyFileW
GetLocaleInfoA

user32

GetKeyState
BringWindowToTop
SendMessageW
GetMenuItemID
GetSubMenu
ModifyMenuW
SetRect
SystemParametersInfoW
DrawStateW
GetSysColor
LoadBitmapW
GetMenuItemCount
CopyRect
SetCursor
CheckMenuItem
GetDC
GetCapture
InflateRect
SetClassLongW
ReleaseDC
LoadCursorW
GetClientRect
GetWindowPlacement
InvalidateRect
GetSystemMetrics
UpdateWindow
EnableWindow
SetWindowRgn
ScreenToClient
DrawTextW
ShowWindow
IsWindow
ShowScrollBar
IsRectEmpty
FillRect
LoadImageW
ShowCursor
SetRectEmpty
DestroyIcon
GetTopWindow
GetParent
GetWindow
SetTimer
GetWindowRect
SetCapture
PostMessageW
KillTimer
GetFocus
TranslateMessage
LoadIconW
OffsetRect
LoadMenuW
EnableMenuItem
GetCursorPos
ReleaseCapture
IsWindowVisible
PtInRect

odbc32

SQLGetTypeInfoA

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 645KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f813a1e713f50c24541c830551189468

Headers

File Characteristics

Imports

kernel32

user32

odbc32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 66KB - Virtual size: 645KB

.rsrc Size: 17KB - Virtual size: 20KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 66KB - Virtual size: 645KB

.rsrc
Size: 17KB - Virtual size: 20KB