1687931658991afb2b7be71ea12b1b12_JaffaCakes118

General

Target

1687931658991afb2b7be71ea12b1b12_JaffaCakes118
Size

1.1MB
MD5

1687931658991afb2b7be71ea12b1b12
SHA1

bd99557917816d1eb76bbf9fe84d62a148bb668b
SHA256

f49ee6cb6f93e03c162077af62c3b8b2ae4c55ee265547db39f1ad40c01b2989
SHA512

f0e7308e38f6bf62101515d4655f9e180e883aebb00eeafe1d7c157ffb51ae7b7f87dd56297d104bea9b63c7b6449e9da840569a7336d38570b0548e51c79cad
SSDEEP

24576:Hkgs/cWT5dzYQmPYQfCn6bqsqgAIWp5+4dVeZBWh+fuHupP+wblrw:y0afmcnmWgPSkKDWGwbBw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1687931658991afb2b7be71ea12b1b12_JaffaCakes118

Files

1687931658991afb2b7be71ea12b1b12_JaffaCakes118
.exe windows:9 windows x86 arch:x86

60147b48efba3b11106a3656bb0d9265

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetNamedPipeInfo
CloseHandle
FreeEnvironmentStringsA
VerSetConditionMask
SetThreadPriorityBoost
lstrcpyA
GetEnvironmentStringsA
HeapCreate
InterlockedIncrement
CreateEventA
CallNamedPipeA
GetStringTypeExA
GetCurrentThread
ReadFile
WaitForMultipleObjects
SetFilePointer
HeapSize
HeapFree
VirtualFree
GetThreadPriorityBoost
InterlockedDecrement
HeapAlloc
GetFileAttributesExA
GetLastError
ConnectNamedPipe
VirtualAlloc
lstrcmpA
ExitProcess
SetEvent
CreateFileA
HeapDestroy
GetVersion
HeapLock
SetFilePointerEx
OpenEventA
GetCurrentProcess
lstrcpynA
HeapSetInformation
CreateNamedPipeA

user32

DispatchMessageA
ShowWindow
DestroyWindow
SendMessageA
DefWindowProcA
RegisterClassA
BeginPaint
TranslateMessage
UpdateWindow
EndPaint
GetMessageA
CreateWindowExA

odbc32

SQLGetFunctions
PostComponentError
SQLSetEnvAttr
SQLGetInfo
SQLParamData
SQLSetParam
SQLExtendedFetch
SQLSetStmtOption
SQLError
SQLNativeSqlA
SQLGetCursorNameA
SQLGetTypeInfoA
SQLProceduresA
SQLGetConnectOption
SQLColumnPrivilegesA
SQLStatistics
SQLColumnsA
SQLConnect
OpenODBCPerfData
SQLPrepareA
SQLNumResultCols
SQLGetData
SQLDriverConnectA
SQLFetch
SQLDataSources
SQLGetDescField
SQLSpecialColumns
SQLGetDiagField
SQLSetDescField
CursorLibLockStmt
SQLBulkOperations
SQLAllocHandleStd
SQLGetDiagFieldA
SQLProcedureColumns
GetODBCSharedData
SQLGetStmtOption
SQLSetPos
SQLColAttributesA
SQLParamOptions

Sections

.text
Size: 587KB - Virtual size: 587KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 201KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60147b48efba3b11106a3656bb0d9265

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

odbc32

Sections

.text Size: 587KB - Virtual size: 587KB

.data Size: 320KB - Virtual size: 319KB

.rsrc Size: 201KB - Virtual size: 3.3MB

.text
Size: 587KB - Virtual size: 587KB

.data
Size: 320KB - Virtual size: 319KB

.rsrc
Size: 201KB - Virtual size: 3.3MB