c7ccdafce442490e016066ef4fda6970_JaffaCakes118

General

Target

c7ccdafce442490e016066ef4fda6970_JaffaCakes118
Size

300KB
MD5

c7ccdafce442490e016066ef4fda6970
SHA1

27515be777250c87ef5a7c2d3b909c6bc2801673
SHA256

46ebfc0ceb90e61aac1668b17802e5917228e7af44f1a7d211e47137fa413ede
SHA512

a9314cfca0a90a79041999194f65c87744a919668ed575e744a381471ddc2df5d6af6d7faf653dee1ed4a19ff79ff8595bbb554c737abd845b81266744da23da
SSDEEP

6144:QW8UCuUQ+1hVSkppBHyHqnEQdPA+zwLM9/VwIGS:DFFUQ+1hAiHyHgxA+zSI9wI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ccdafce442490e016066ef4fda6970_JaffaCakes118

Files

c7ccdafce442490e016066ef4fda6970_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb1ae736e57971ce1322155ecf768f8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetLogicalDriveStringsA
GetPrivateProfileSectionA
GetEnvironmentStringsA
HeapSetInformation
GetComputerNameExA
GetFileSize
SetErrorMode
LZOpenFileA
OpenFileMappingA
GetVolumePathNameA
GetComputerNameExA
GetConsoleCommandHistoryA
TlsGetValue
GetProcessId
VirtualAllocEx
SetEnvironmentVariableA
ResetWriteWatch
ReadFileEx
CreateFileMappingW
OpenEventA
GetCommMask
GetConsoleCP
WritePrivateProfileStringA
HeapFree
WriteConsoleInputA
GetCurrentDirectoryA
GetCommModemStatus
GetFileType
SetHandleContext
LZStart
SetFileAttributesA
SetThreadUILanguage
LocalFlags
DeleteAtom
ReleaseMutex
WideCharToMultiByte
DisconnectNamedPipe
GetCurrentDirectoryA
WaitForSingleObject
ReleaseMutex
IsWow64Process
SuspendThread
ReadConsoleOutputA
GetConsoleCursorMode
FindFirstFileA
GetConsoleKeyboardLayoutNameA
GetDevicePowerState
GetStdHandle
FlushConsoleInputBuffer
WriteProcessMemory
GlobalAddAtomA
EnumSystemLocalesA
Thread32Next
IsBadStringPtrA
GetLocaleInfoA
HeapDestroy

odbc32

SQLBindCol

Sections

.text
Size: 12KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb1ae736e57971ce1322155ecf768f8b

Headers

File Characteristics

Imports

kernel32

odbc32

Sections

.text Size: 12KB - Virtual size: 214KB

.rdata Size: 4KB - Virtual size: 1KB

.rsrc Size: 280KB - Virtual size: 276KB

.text
Size: 12KB - Virtual size: 214KB

.rdata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 280KB - Virtual size: 276KB