efefd3dce6252338318f06be8c7d4166_JaffaCakes118

General

Target

efefd3dce6252338318f06be8c7d4166_JaffaCakes118
Size

20KB
MD5

efefd3dce6252338318f06be8c7d4166
SHA1

5508761a6c6ec874bb6c6ac3d726a798790dada7
SHA256

25c8cb3360e534746a541fe48afa4b7ba742ca81c8bd02ccefb7a05b4b2fb375
SHA512

3ad00cc2fa396f42cae5388e425b827beb3607efc28951da43e2c7bcfdaa750ff683fb67a56c5b549961c49a1a3a527718334a00be4c01c00093fdf54e5adcf2
SSDEEP

96:SuVlP+FZJnIkUrnVeDepaPn/oHCEQB42OeJ9/PtboynVV//LyP4W4B4pWZl:FYc7n4ipRi7B42rxP1oynVVPW4B4pWv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efefd3dce6252338318f06be8c7d4166_JaffaCakes118

Files

efefd3dce6252338318f06be8c7d4166_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f445ad3c7683eaa2b932a9c3d8d6db1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_GetUnicodeRedirectionLayer@0

sqlresld

SQLUILoadResourceDLL

kernel32

GetStartupInfoA
MultiByteToWideChar
GetModuleHandleA
GetUserDefaultLCID

advapi32

RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

msvcrt

__getmainargs
__set_app_type
strcat
_stricmp
strcpy
wcscat
_wcsicmp
wcscpy
_exit
_XcptFilter
exit
_acmdln
_onexit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_except_handler3
_controlfp
__dllonexit

ole32

CoCreateInstance
CoInitialize
CoUninitialize

semsfc

?SetMainHelpCollection@SHelp@@QAEXPBG0@Z
?FreeLib@SHelp@@QAEXXZ
?SGetWindowsPlatform@@YAIXZ
?GetApp@SApplication@@SAPAV1@XZ
?SetMainHelpFile@SHelp@@QAEXPBG0@Z

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjg
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0f445ad3c7683eaa2b932a9c3d8d6db1

Headers

File Characteristics

Imports

sqlunirl

sqlresld

kernel32

advapi32

msvcrt

ole32

semsfc

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 364B

.rsrc Size: 4KB - Virtual size: 1KB

.mjg Size: - Virtual size: 37KB

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 364B

.rsrc
Size: 4KB - Virtual size: 1KB

.mjg
Size: - Virtual size: 37KB