0d5fc06cb43d0d12cd2a207e9aa66205_JaffaCakes118

General

Target

0d5fc06cb43d0d12cd2a207e9aa66205_JaffaCakes118
Size

1.1MB
MD5

0d5fc06cb43d0d12cd2a207e9aa66205
SHA1

1a67755cb76891e8863e317d77d581d7374e0008
SHA256

c4ab215efe6e0857e04c501fc3ec1fa54473f665892974035685a9be381a853e
SHA512

4f457cc94620a9046e6fc8cd698ef1204e3950bfa98c1c170bd8bcaff3f698fa5dff6d07efad6f2f69c67585e845c49465c357ad679aa23402a573f2c8338a82
SSDEEP

24576:i7FH2rZnZ8GmU8DmpWzF9qBpW1VCMLSbKwg0Bfo8:E2VB+UMLwKcO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5fc06cb43d0d12cd2a207e9aa66205_JaffaCakes118

Files

0d5fc06cb43d0d12cd2a207e9aa66205_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a1012005563dd1495bf4869c74c59cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

BeginPaint
SendMessageA
EndPaint
DispatchMessageA
RegisterClassA
DestroyWindow
DefWindowProcA
ShowWindow
UpdateWindow
CreateWindowExA
TranslateMessage
GetMessageA

kernel32

GetCurrentThread
VirtualAlloc
GetSystemTime
SetFilePointerEx
GetFileTime
DosDateTimeToFileTime
lstrlenA
CloseHandle
ReadFile
HeapLock
lstrcmpA
WaitForMultipleObjects
CreateFileA
InterlockedFlushSList
HeapUnlock
GetVersion
SetEvent
TransactNamedPipe
OpenEventA
CompareStringA
SetFilePointer
ExitProcess
CreateNamedPipeA
GetLastError
FreeEnvironmentStringsA
VirtualFree
VerSetConditionMask
HeapReAlloc
GetNamedPipeHandleStateA
WriteFileGather
GetThreadPriorityBoost
GetFileAttributesExA
SetThreadPriorityBoost
GetCurrentProcess
HeapFree
GetEnvironmentStringsA
HeapAlloc
CreateEventA
ConnectNamedPipe

odbc32

SQLSetPos
SQLStatisticsA
SQLColAttribute
CollectODBCPerfData
SQLProcedures
SQLExecDirect
CloseODBCPerfData
SQLDataSources
SQLError
SQLSetDescField
SQLParamOptions
SQLGetFunctions
SQLExecute
SQLFreeConnect
SQLSetStmtOption
SQLSetConnectAttr
SQLGetDiagField
SQLGetStmtAttr
SQLColumns
PostODBCComponentError
SQLGetCursorNameA
SQLAllocHandleStd
SQLGetConnectOptionA
SQLGetCursorName
SQLPrimaryKeys
PostODBCError
SQLConnect
SQLForeignKeysA
SQLBindCol
SQLMoreResults
SQLSetEnvAttr

Sections

.text
Size: 583KB - Virtual size: 583KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a1012005563dd1495bf4869c74c59cf

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

odbc32

Sections

.text Size: 583KB - Virtual size: 583KB

.data Size: 327KB - Virtual size: 327KB

.rsrc Size: 212KB - Virtual size: 3.3MB

.text
Size: 583KB - Virtual size: 583KB

.data
Size: 327KB - Virtual size: 327KB

.rsrc
Size: 212KB - Virtual size: 3.3MB