1419167feaf2ae8d0c07206eff893655_JaffaCakes118

General

Target

1419167feaf2ae8d0c07206eff893655_JaffaCakes118
Size

1.1MB
MD5

1419167feaf2ae8d0c07206eff893655
SHA1

892c5a9649f7de92b4abeeb541a650c4b58383cf
SHA256

ef61c549b542744efafa2a702891c1dfad6542b034ef0f4ab5704b9967bd9235
SHA512

aa6276e2f3cc9008b6bda43b4a743a005a9e46cf8cead6d5b191045950806ffea1ef74dc0e57dfcdc412ca1afaa3faba1f3bf6f9fe59850b6623d8d9bd251d6d
SSDEEP

24576:lS0Z3c4HadiRUH87sGsOfMCOcvHXGe7lII9UWUm3Ul81EcRCFH:l13jawNxXV/XGglIxmkl81ZM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1419167feaf2ae8d0c07206eff893655_JaffaCakes118

Files

1419167feaf2ae8d0c07206eff893655_JaffaCakes118
.exe windows:8 windows x86 arch:x86

c353933ef96a9ddc0d0df5271492e8b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SQLSetCursorName
SQLCancel
SQLSetDescField
SQLErrorA
SQLGetInfo
SQLBrowseConnect
SQLDriversA
SQLSetEnvAttr
SQLGetDiagFieldA
SQLNumResultCols
SQLCloseCursor
SQLGetDescField
SQLDriverConnect
SQLGetInfoA

kernel32

ExitProcess
CreateNamedPipeA
GetNamedPipeHandleStateA
InitializeCriticalSection
ConnectNamedPipe
HeapUnlock
lstrcmpiA
InterlockedPushEntrySList
FileTimeToLocalFileTime
ReadFile
DisconnectNamedPipe
UnmapViewOfFile
CloseHandle
HeapCreate
SetFilePointer
InterlockedPopEntrySList
lstrlenA
GetFileAttributesA
HeapFree
HeapQueryInformation
WaitForMultipleObjects
LeaveCriticalSection
HeapDestroy
TryEnterCriticalSection
GetCurrentProcessId
GetCurrentThreadId
MapViewOfFile
InterlockedDecrement
HeapLock
HeapAlloc
InterlockedIncrement
GetFileTime
CreateFileMappingA
CreateFileA

adsldpc

BuildADsParentPathFromObjectInfo2
ADsGetNextColumnName
ADsSetSearchPreference
ADsDeleteAttributeDefinition
AdsTypeFreeAdsObjects
FreeADsStr
FindEntryInSearchTable
Component
ADsEnumAttributes
ADSICloseDSObject
AdsTypeToLdapTypeCopyConstruct
AdsTypeToLdapTypeCopyTime
BuildLDAPPathFromADsPath2

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 793KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c353933ef96a9ddc0d0df5271492e8b2

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

kernel32

adsldpc

Sections

.text Size: 184KB - Virtual size: 184KB

.data Size: 151KB - Virtual size: 151KB

.rsrc Size: 793KB - Virtual size: 3.9MB

.text
Size: 184KB - Virtual size: 184KB

.data
Size: 151KB - Virtual size: 151KB

.rsrc
Size: 793KB - Virtual size: 3.9MB