0630ae4e69d3f6cdbd6029204006a096_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0630ae4e69d3f6cdbd6029204006a096_JaffaCakes118
Size

28KB
MD5

0630ae4e69d3f6cdbd6029204006a096
SHA1

796cf8505555427db8fda267f324c26d92ed98a8
SHA256

a985ea9e4ea3a1a3825c84b4b13686dc0a2d160b5f5072f67fd3252b39724108
SHA512

7eff71b67fafa9075525ade4de9ced73e5411c8f9f47a690115d644f670afdb0ecebeb5448eb23b3cf2d4ff7f76bd0242f1941f861fa9e31bb7e51716e606df2
SSDEEP

384:bFnQG9nF1euuJ62q4OvlbjqKqOQWEQDWW6/:NQG9nFoug6FvBqO6QDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0630ae4e69d3f6cdbd6029204006a096_JaffaCakes118

Files

0630ae4e69d3f6cdbd6029204006a096_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a3e8b3f2bae7310b924ac92556c6a44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

odbc32

ord111
ord61
ord139
ord3
ord141
ord1
ord150
ord15
ord9
ord2
ord14
ord136
ord135
ord16

kernel32

WriteFile
GlobalAlloc
MultiByteToWideChar
GlobalFree
GetModuleHandleA
SetFilePointer
GetLastError
GetConsoleOutputCP
WideCharToMultiByte
FlushFileBuffers
GetStdHandle
GetPrivateProfileSectionW

user32

LoadStringA
LoadStringW

msvcrt

_controlfp
wcschr
wcslen
__set_app_type
__p__fmode
_except_handler3
_adjust_fdiv
__setusermatherr
__p__commode
__wgetmainargs
__p___winitenv
_initterm
_XcptFilter
_exit
__dllonexit
exit
_onexit
??2@YAPAXI@Z
??3@YAXPAX@Z
_wtoi
swprintf
vswprintf
wcsncpy
wcsstr
wcscat
wcscpy
wcsrchr

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ