007041afa7ef321e9a04aac13132cad8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

007041afa7ef321e9a04aac13132cad8_JaffaCakes118
Size

1.1MB
MD5

007041afa7ef321e9a04aac13132cad8
SHA1

d92c4a6f42efa7fab46b62bc91d0e6662586f459
SHA256

1ab5b728ec4a657ec727398f513787aeec329ccd9ef7d3143b0b95f0f547b657
SHA512

8fd2a28b6a6c45bfd9e2d7abe995942c8105ed0cadb820c2e8c576e590c9f46eeea07ffab082ea16969cbe5ef29ef63a35bc04b79337eace6dabd718cf03a4c3
SSDEEP

24576:dyU3AjRtEkJ1EzHx+z7wysE8ksIiJqSGYYWFY0of4ID71Kf:w/J2zRywS9i0CFY0oAGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007041afa7ef321e9a04aac13132cad8_JaffaCakes118

Files

007041afa7ef321e9a04aac13132cad8_JaffaCakes118
.exe windows:3 windows x86 arch:x86

6fa8e6d50d0c933c1fbcbad0ed82fc1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SQLPrimaryKeys
SQLConnectA
SQLErrorA
ODBCGetTryWaitValue
SQLGetStmtAttrA
SQLDriverConnect
ODBCSetTryWaitValue
SQLProcedureColumnsA
SearchStatusCode
SQLColumnsA
SQLSetConnectOption
SQLGetTypeInfoA
SQLBrowseConnectA
SQLGetFunctions
CollectODBCPerfData
SQLExtendedFetch
SQLGetDescRec
SQLSetDescFieldA
SQLBulkOperations
SQLColumnPrivilegesA
SQLSetStmtAttrA
SQLTables
SQLDataSourcesA
SQLRowCount
SQLDataSources
SQLProcedures
SQLMoreResults
SQLSetConnectAttr
SQLProcedureColumns
SQLGetDiagRecA
SQLBindParam
SQLExecDirect
CursorLibTransact
SQLSetPos
SQLForeignKeys
SQLGetData
SQLFetch

user32

DefWindowProcA
GetMessageA
DispatchMessageA
CreateWindowExA
DestroyWindow
EndPaint
SendMessageA
UpdateWindow
BeginPaint
TranslateMessage
ShowWindow
RegisterClassA

kernel32

SetFirmwareEnvironmentVariableA
InterlockedDecrement
HeapFree
SetEvent
GetThreadPriorityBoost
InterlockedIncrement
GetCurrentThread
SystemTimeToFileTime
SetProcessPriorityBoost
ExitProcess
IsBadStringPtrA
FileTimeToSystemTime
VerSetConditionMask
InterlockedCompareExchange
SetFilePointerEx
HeapDestroy
WaitForMultipleObjects
SetFilePointer
TransactNamedPipe
HeapCreate
VirtualAlloc
GetLastError
HeapQueryInformation
InterlockedExchangeAdd
GetSystemTime
PeekNamedPipe
lstrlenA
InterlockedExchange
CreateEventA
ConnectNamedPipe
GetEnvironmentStringsA
GetFileTime
OpenEventA
CloseHandle
DisconnectNamedPipe
VirtualFree
GetCurrentProcess
HeapAlloc
ExpandEnvironmentStringsA
CreateFileA
GetStringTypeA
CreateNamedPipeA
FreeEnvironmentStringsA
GetVersion
ReadFile

Sections

.text
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 227KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fa8e6d50d0c933c1fbcbad0ed82fc1e

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

user32

kernel32

Sections

.text Size: 588KB - Virtual size: 588KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 227KB - Virtual size: 3.3MB

.text
Size: 588KB - Virtual size: 588KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 227KB - Virtual size: 3.3MB