bdf0ad07bb884bc57185e3d285a76017_JaffaCakes118

General

Target

bdf0ad07bb884bc57185e3d285a76017_JaffaCakes118
Size

284KB
MD5

bdf0ad07bb884bc57185e3d285a76017
SHA1

5290e7d69ce482a818fd07204848fa8ea2d013e9
SHA256

dc81be2e45fa2a94efeabc5b531a44c0ac8c0523d5bf6101f43ea68cb386e325
SHA512

c81138f0a2c7db584c0a78fe85c205bd8ce675de69cee11a6ea6de5acd0f51d6bb603088eba3bdd04b892ca1dcb07219d50f1a9fc9edb637587d81f9a2d6f2a3
SSDEEP

6144:fHnkgtR8lF2pJvrmnOkbJ5uOC0BMbaic:PzyWJvrmnOkbJ57W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdf0ad07bb884bc57185e3d285a76017_JaffaCakes118

Files

bdf0ad07bb884bc57185e3d285a76017_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28679bc71aaa1cad6fc1bd72a39267db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DefineDosDeviceA
GetCurrentThread
GetSystemWindowsDirectoryA
GetProcessWorkingSetSize
GetFileTime
MapUserPhysicalPages
VirtualAlloc
GetEnvironmentStringsA
GetVolumeInformationA
WriteConsoleOutputCharacterA
OpenProcess
GetConsoleWindow
GetProcessVersion
GetCurrentConsoleFont
FindResourceA
GetFileType
TlsAlloc
GlobalGetAtomNameA
SetErrorMode
AddAtomA
GetEnvironmentStringsA
SetConsoleScreenBufferSize
SetFilePointer
WritePrivateProfileSectionA
GetConsoleOutputCP
FreeEnvironmentStringsA
TlsGetValue
SetEndOfFile
GetProcessIoCounters
WriteConsoleOutputA
GetTapePosition
ClearCommBreak
ChangeTimerQueueTimer
TerminateProcess
TermsrvAppInstallMode
FindFirstVolumeMountPointA
RequestWakeupLatency
GetLogicalDrives
GetDiskFreeSpaceA
IsBadHugeWritePtr
WaitForSingleObject
GetFileAttributesExA
OpenSemaphoreA
GetCommState
GetBinaryTypeA
IsDebuggerPresent
GetConsoleKeyboardLayoutNameA
ExpungeConsoleCommandHistoryA
EnumResourceLanguagesA
GetModuleFileNameA
RequestDeviceWakeup
LZCopy
OpenMutexA
LockFileEx
CloseConsoleHandle

odbc32

SQLExecDirect

advapi32

LookupPrivilegeValueA
RevertToSelf

opengl32

glBegin

glu32

gluProject

Sections

.itext
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28679bc71aaa1cad6fc1bd72a39267db

Headers

File Characteristics

Imports

kernel32

odbc32

advapi32

opengl32

glu32

Sections

.itext Size: 4KB - Virtual size: 1KB

.rdata Size: 12KB - Virtual size: 227KB

.data Size: 4KB - Virtual size: 980B

.rsrc Size: 260KB - Virtual size: 257KB

.itext
Size: 4KB - Virtual size: 1KB

.rdata
Size: 12KB - Virtual size: 227KB

.data
Size: 4KB - Virtual size: 980B

.rsrc
Size: 260KB - Virtual size: 257KB