fb85680e12c419056ecf1a15e6ab3311_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb85680e12c419056ecf1a15e6ab3311_JaffaCakes118
Size

66KB
MD5

fb85680e12c419056ecf1a15e6ab3311
SHA1

958b85ba6f989c6202f0d80370501cc8d59443e5
SHA256

02877df52e3297e0b74d1d24c22dbb9b2eddf340236398ffc0d9b08b622642cb
SHA512

22d55427603af9c064909f66ba92c7d72a89b4922887c17ff7915d78cc74512a8e313472585758fc8cacbbced753a7b5ef013674dbf89cfdd7bb3f3572428181
SSDEEP

1536:AQAh1HGP+c7+Jnihsmy2D1JvR4S0vt3M5AObJ8:QGPLUSxD1Jp/SaJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb85680e12c419056ecf1a15e6ab3311_JaffaCakes118

Files

fb85680e12c419056ecf1a15e6ab3311_JaffaCakes118
.exe windows:5 windows x86 arch:x86

65464bdc57ec27acdec00d2aadff98cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessPriorityBoost
GetStartupInfoA
GetCommandLineW
GetOEMCP
VirtualAlloc
GetACP
VirtualAllocEx

odbc32

SQLBindParameter
SQLParamData

user32

LoadBitmapA
LoadStringA

glu32

gluSphere

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ