13dbdd9252278b390967bc9be747522c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13dbdd9252278b390967bc9be747522c_JaffaCakes118
Size

452KB
MD5

13dbdd9252278b390967bc9be747522c
SHA1

268efcd006b293fb11a416cacef4d43bede7ac39
SHA256

d7ab05534186d9d09cf38644d3f9f161d3f28c0bc789e6fdf26abfeec8206121
SHA512

f5c7be7c9eee65f4121b8b564c1f50a62d7de755392cb9a7182d1856b05bf92ad2998391f226e50e64292cfeabbb72b9d7f985bf048de63d4c76e3e9f9cebf8e
SSDEEP

12288:AAyZSBo59bnbOruuMYTCcT1gGdky4sUm:AAyZp59bKSuMYT3gGGy4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13dbdd9252278b390967bc9be747522c_JaffaCakes118

Files

13dbdd9252278b390967bc9be747522c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

79136ddb275d35b3ea34b333d0aaf5a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTapeStatus
FindClose
GetModuleHandleA
DeleteAtom
HeapCreate
GetVersion
CreatePipe
GetModuleFileNameA
WaitForMultipleObjects
CreateDirectoryA
HeapFree
AddAtomW
ExitThread
GetCommandLineA
CreateSemaphoreW
GetFileType
RemoveDirectoryA
CloseHandle
SetEndOfFile
FindAtomA
SetVolumeLabelA
RemoveDirectoryA
WriteFile
GetDriveTypeA
IsBadWritePtr

clbcatq

CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup

odbcbcp

bcp_bind
bcp_bind
bcp_bind
bcp_bind

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE