2566347e89270d4c6397953a9b00bd0c_JaffaCakes118

General

Target

2566347e89270d4c6397953a9b00bd0c_JaffaCakes118
Size

1.1MB
MD5

2566347e89270d4c6397953a9b00bd0c
SHA1

781546a36506836b788f54f36953a2974456ec41
SHA256

e41883043a09778b1edac23f246d8893f8cee54affd3ccba64f006ac0e9f1118
SHA512

4d19c1eabe91af7144924098bf885e8dcedf9960baa4e2dba63313053b0846fccb3e1527d046f10ffac6bbafd5508aaa52b912a152ca1fc0154af23e6efc093c
SSDEEP

24576:5ESs0HldPB9ZzFjxMkn6vih4otXbr2up:51sYdPB9Z3MZiBrz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2566347e89270d4c6397953a9b00bd0c_JaffaCakes118

Files

2566347e89270d4c6397953a9b00bd0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22d2b1345fe3d9562e1d6d92863bba1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SQLColAttribute
SQLProcedureColumnsA
SQLDataSources
SQLBindParam
SQLStatisticsA
CursorLibTransact
SQLGetFunctions
SQLDescribeParam
SQLFreeHandle
SQLDataSourcesA
SQLProcedures
SQLSetCursorName
SQLDriverConnectA
SQLNativeSql
SQLDriverConnect
CursorLibLockDbc
SQLDisconnect

kernel32

LeaveCriticalSection
HeapAlloc
ExitProcess
CreateFileA
CloseHandle
WaitForMultipleObjects
MapViewOfFile
InitializeCriticalSection
SetFilePointer
GetSystemTime
GetCurrentProcessId
GetNamedPipeHandleStateA
GetLocalTime
TryEnterCriticalSection
lstrcpynA
CreateFileMappingA
InterlockedIncrement
HeapLock
CreateNamedPipeA
UnmapViewOfFile
InterlockedDecrement
ReadFile
HeapFree
GetCurrentThreadId

adsldpc

ADsExecuteSearch
GetDomainDNSNameForDomain
ADsCreateAttributeDefinition
BerBvFree
ADsObject
ADsCreateDSObject
ADsDeleteAttributeDefinition
ConvertU2TrusteeToSid
ADSIGetNextColumnName
ADsEnumAttributes
AdsTypeToLdapTypeCopyDNWithBinary
ADSISetSearchPreference
ADSIOpenDSObject
ADsFreeColumn
ADsCreateClassDefinition

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 764KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22d2b1345fe3d9562e1d6d92863bba1e

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

kernel32

adsldpc

Sections

.text Size: 186KB - Virtual size: 186KB

.data Size: 154KB - Virtual size: 154KB

.rsrc Size: 764KB - Virtual size: 3.8MB

.text
Size: 186KB - Virtual size: 186KB

.data
Size: 154KB - Virtual size: 154KB

.rsrc
Size: 764KB - Virtual size: 3.8MB