110c3e456a17aeb5103a39116bbcba51_JaffaCakes118

General

Target

110c3e456a17aeb5103a39116bbcba51_JaffaCakes118
Size

1.1MB
MD5

110c3e456a17aeb5103a39116bbcba51
SHA1

ac981e4fe01a842b063a9f42b8cdba5f9904c4fb
SHA256

e1bf908afdef3207178361ef0d33f30a951203ccca49a68a5749e32dd2ed5398
SHA512

8c293c9528d8b500f3b8948594817bf1b31d4891d3df9b664a625ed4c0710458611759e1db6aa882e1e36e333bad48886b4271fafdae67959e89113a2cff45b5
SSDEEP

24576:UUZX1nP8Itq06riruq7vZjX1GN5kpDTdndAfNG1w/0:PLEIYJirRlXULkpDISw/0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
110c3e456a17aeb5103a39116bbcba51_JaffaCakes118

Files

110c3e456a17aeb5103a39116bbcba51_JaffaCakes118
.exe windows:8 windows x86 arch:x86

eb4356117f1dc9a79b8b9fb2dceb7399

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SQLTablePrivileges
SQLFreeStmt
SQLConnectA
SQLCancel
SQLGetDescRec
CursorLibLockStmt
SQLGetDiagField
CursorLibLockDesc
SQLAllocHandle
SQLFreeEnv
SQLGetTypeInfoA
SQLBrowseConnect
SQLSetDescRec
SQLSetDescFieldA
SQLAllocConnect
VFreeErrors
SQLTablePrivilegesA
SQLFreeConnect
SQLColAttribute
SQLGetStmtAttrA
SQLGetStmtAttr
SQLGetConnectAttr
CursorLibTransact
SQLPrepareA
SQLPrimaryKeysA
SQLProceduresA
SQLGetDiagRecA
CursorLibLockDbc
CloseODBCPerfData
SQLGetDiagFieldA
SQLGetInfoA
SQLGetFunctions
SQLSetStmtAttrA
SQLGetData

kernel32

ReadFile
HeapQueryInformation
VerSetConditionMask
FreeEnvironmentStringsA
FileTimeToLocalFileTime
ReadFileScatter
HeapFree
SystemTimeToFileTime
CreateFileA
HeapAlloc
FileTimeToDosDateTime
lstrcpynA
ExitProcess
GetEnvironmentStringsA
InterlockedExchangeAdd
SetFilePointerEx
HeapCreate
GetFirmwareEnvironmentVariableA
SetFilePointer
GetProcessHeap
GetCurrentProcess
VirtualFree
HeapReAlloc
GetThreadPriorityBoost
GetFileTime
HeapDestroy
CreateNamedPipeA
CloseHandle
InterlockedIncrement
GetSystemTime
InterlockedDecrement
SetProcessPriorityBoost
VirtualAlloc
ConnectNamedPipe
WaitNamedPipeA
WaitForMultipleObjects

user32

TranslateMessage
ShowWindow
BeginPaint
CreateWindowExA
EndPaint
DispatchMessageA
DestroyWindow
UpdateWindow
RegisterClassA
GetMessageA
DefWindowProcA
SendMessageA

Sections

.text
Size: 807KB - Virtual size: 807KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 306KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb4356117f1dc9a79b8b9fb2dceb7399

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

kernel32

user32

Sections

.text Size: 807KB - Virtual size: 807KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 306KB - Virtual size: 3.4MB

.text
Size: 807KB - Virtual size: 807KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 306KB - Virtual size: 3.4MB