fdc92f53f0e4652b9a96f69e7b41c84f_JaffaCakes118 | Triage

Sharing

General

Target

fdc92f53f0e4652b9a96f69e7b41c84f_JaffaCakes118
Size

641KB
MD5

fdc92f53f0e4652b9a96f69e7b41c84f
SHA1

1a2e7b727a04236d67a72711e278cbaf1d7d8fe8
SHA256

bda4ed1a906b51be9025436b10bf7abb55bc17dd6af5a205fc26539b636c7eee
SHA512

41952128e6f3dd8c69301a4bde82db4dee6f8d6da0df908fa2f7471e5297b3415ce67284ba6a1a8921721ace080c8acdc2f6181d6a409d97624229407a50861b
SSDEEP

12288:kYguepxtxKplHpj/a7Wr9DU7iKR4ILzbiPXBE1tSlGh0Sv1rY3:MbUfJjzx0HR4ILzG/BE1tmi0SdG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdc92f53f0e4652b9a96f69e7b41c84f_JaffaCakes118

Files

fdc92f53f0e4652b9a96f69e7b41c84f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

59f9585ef5f1b676ee412935b34fe6ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

odbctrac

TraceSQLConnect
TraceSQLFetch
TraceSQLBindCol

kernel32

SetErrorMode
FindFirstFileA
FormatMessageA
CreateProcessW
GetSystemDirectoryA
FileTimeToSystemTime
GetEnvironmentVariableW
CreateSemaphoreA
GetVolumeInformationW
GetModuleHandleA
OpenFileMappingW
GetProcAddress
GetCurrentThread
Sleep
GetTickCount
ReadFile
OpenEventW
MapViewOfFile
HeapFree
GetFileAttributesW
HeapAlloc
CreateFileA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yml
Size: 627KB - Virtual size: 626KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ