0b56b87c518fa19450742ddfe50246cd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0b56b87c518fa19450742ddfe50246cd_JaffaCakes118
Size

1.1MB
MD5

0b56b87c518fa19450742ddfe50246cd
SHA1

0564189726cc45d19bcc95e7d0dff9520b7046d2
SHA256

c4bd625a5f330619c523e5b04a53cbc60b8a7080090a432fbcac83e41f005156
SHA512

8b3eb5bdbd783592f5e6f3830f8740a9452324d0f5775dafb94e2f1049592d2aaa29d85e8cc22352ca10402cb8d14336ce64d4113963b85d9106b2223ae880da
SSDEEP

24576:dyU3AjRtEkJ1EzHx+z7wysE8ksIiJqSGYYWFY0of4ID71:w/J2zRywS9i0CFY0oAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b56b87c518fa19450742ddfe50246cd_JaffaCakes118

Files

0b56b87c518fa19450742ddfe50246cd_JaffaCakes118
.exe windows:3 windows x86 arch:x86

6fa8e6d50d0c933c1fbcbad0ed82fc1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SQLPrimaryKeys
SQLConnectA
SQLErrorA
ODBCGetTryWaitValue
SQLGetStmtAttrA
SQLDriverConnect
ODBCSetTryWaitValue
SQLProcedureColumnsA
SearchStatusCode
SQLColumnsA
SQLSetConnectOption
SQLGetTypeInfoA
SQLBrowseConnectA
SQLGetFunctions
CollectODBCPerfData
SQLExtendedFetch
SQLGetDescRec
SQLSetDescFieldA
SQLBulkOperations
SQLColumnPrivilegesA
SQLSetStmtAttrA
SQLTables
SQLDataSourcesA
SQLRowCount
SQLDataSources
SQLProcedures
SQLMoreResults
SQLSetConnectAttr
SQLProcedureColumns
SQLGetDiagRecA
SQLBindParam
SQLExecDirect
CursorLibTransact
SQLSetPos
SQLForeignKeys
SQLGetData
SQLFetch

user32

DefWindowProcA
GetMessageA
DispatchMessageA
CreateWindowExA
DestroyWindow
EndPaint
SendMessageA
UpdateWindow
BeginPaint
TranslateMessage
ShowWindow
RegisterClassA

kernel32

SetFirmwareEnvironmentVariableA
InterlockedDecrement
HeapFree
SetEvent
GetThreadPriorityBoost
InterlockedIncrement
GetCurrentThread
SystemTimeToFileTime
SetProcessPriorityBoost
ExitProcess
IsBadStringPtrA
FileTimeToSystemTime
VerSetConditionMask
InterlockedCompareExchange
SetFilePointerEx
HeapDestroy
WaitForMultipleObjects
SetFilePointer
TransactNamedPipe
HeapCreate
VirtualAlloc
GetLastError
HeapQueryInformation
InterlockedExchangeAdd
GetSystemTime
PeekNamedPipe
lstrlenA
InterlockedExchange
CreateEventA
ConnectNamedPipe
GetEnvironmentStringsA
GetFileTime
OpenEventA
CloseHandle
DisconnectNamedPipe
VirtualFree
GetCurrentProcess
HeapAlloc
ExpandEnvironmentStringsA
CreateFileA
GetStringTypeA
CreateNamedPipeA
FreeEnvironmentStringsA
GetVersion
ReadFile

Sections

.text
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 227KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fa8e6d50d0c933c1fbcbad0ed82fc1e

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

user32

kernel32

Sections

.text Size: 588KB - Virtual size: 588KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 227KB - Virtual size: 3.3MB

.text
Size: 588KB - Virtual size: 588KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 227KB - Virtual size: 3.3MB