dd466c1856a777beb0df443d3cf71be2_JaffaCakes118

General

Target

dd466c1856a777beb0df443d3cf71be2_JaffaCakes118
Size

300KB
MD5

dd466c1856a777beb0df443d3cf71be2
SHA1

7accb6247e0205ce414a4f4978f6763620c082f2
SHA256

483040b5e8476f18e303ad26e2428f377d72554261dcc85d064fddba980a76fd
SHA512

fa1f84cc0e85af08828ea0a2f5a2cf9dac9e322f43e15051cf4478a0d04d75ef70645396c3b1eabe0220672331530be909a72dca99405fb6b31e9b97dfd0c564
SSDEEP

6144:Vgdizzv/Va6z5hr06Fdpbt5z9lrB4SSo/MX/tXxNJd4J2kX:NVa6z5hFdpZ5XBvSHPtXxrI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd466c1856a777beb0df443d3cf71be2_JaffaCakes118

Files

dd466c1856a777beb0df443d3cf71be2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e6eb0f065e365dee356ec39388571a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
FindNextFileA
BuildCommDCBA
GetDefaultCommConfigA
GetTempPathA
WaitForDebugEvent
GetComputerNameExA
TlsAlloc
GlobalHandle
TlsGetValue
SetConsoleWindowInfo
GetCurrentProcess
GlobalFree
RemoveDirectoryA
CancelTimerQueueTimer
GetDiskFreeSpaceExA
GetEnvironmentStringsA
ExitProcess
VirtualAllocEx
GetConsoleInputExeNameA
GetComputerNameA
LoadModule
WritePrivateProfileStringA
IsBadHugeReadPtr
SetErrorMode
FreeResource
GetProcessPriorityBoost
WaitForSingleObject
ReadFileScatter
IsBadStringPtrA
GetProfileSectionA
FindFirstFileExA
RequestDeviceWakeup
GetFileType
EndUpdateResourceA
GetCommandLineA
SetConsoleLocalEUDC
WriteConsoleOutputCharacterA
GetNumberOfConsoleInputEvents
SetConsoleOutputCP
CloseHandle
GetLogicalDrives
SetVolumeMountPointA
GetCurrentDirectoryA
WriteConsoleOutputA
GetFileType
SetComputerNameA
SetEvent
GetPrivateProfileStructA
LZDone
GetConsoleMode
SetHandleContext
GetNumberOfConsoleInputEvents
GetProcessPriorityBoost
GetEnvironmentStringsA
DeleteFileA
BuildCommDCBAndTimeoutsA

odbc32

SQLBindCol

Sections

.text
Size: 12KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e6eb0f065e365dee356ec39388571a8

Headers

File Characteristics

Imports

kernel32

odbc32

Sections

.text Size: 12KB - Virtual size: 212KB

.rdata Size: 8KB - Virtual size: 4KB

.rsrc Size: 276KB - Virtual size: 273KB

.text
Size: 12KB - Virtual size: 212KB

.rdata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 276KB - Virtual size: 273KB