28161e00a65f71bfcf2cde4b7b125e6c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28161e00a65f71bfcf2cde4b7b125e6c_JaffaCakes118
Size

1.2MB
MD5

28161e00a65f71bfcf2cde4b7b125e6c
SHA1

38ed3e1be38fb22c96f75afc366d3b1b1b22179a
SHA256

c5e978ade6dfb2de0251227a262d5eb89edf797a2259e5bf036e258ebfb666d9
SHA512

9ed94ecfbd2ea710e2aa4709173319bcdb6fc4d57e89b3fb206a1ef5f426a3af528bd0b1991bf26bbd6a13b9e1a257afb450f74d02d37b179f3a6f8968adbe1d
SSDEEP

24576:s5RH1opNacXAKgAxzHzZnpSPwNeJpgUOpN5iTgPhABXiSYEFucC:2RH1upX55IPaUOr5iTgPCXieFucC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28161e00a65f71bfcf2cde4b7b125e6c_JaffaCakes118

Files

28161e00a65f71bfcf2cde4b7b125e6c_JaffaCakes118
.exe windows:6 windows x86 arch:x86

f25fd015dae46ddc14e2720ca954ff28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

UpdateWindow
GetMessageA
CreateWindowExA
DispatchMessageA
EndPaint
DestroyWindow
SendMessageA
DefWindowProcA
RegisterClassA
ShowWindow
TranslateMessage
BeginPaint

odbc32

SQLDrivers
SQLSetConnectAttrA
SQLFreeEnv
SQLGetStmtAttr
PostODBCError
SQLConnectA
SQLBindParameter
SQLGetDiagRec
SQLGetConnectAttr
SQLForeignKeys
SQLFreeHandle
SQLSetPos
SQLMoreResults
SQLSetScrollOptions
SQLTablesA
SQLGetDiagRecA
SQLGetConnectOptionA
CursorLibTransact
SQLFetch
SQLColumnPrivilegesA
SQLGetStmtOption
SQLPutData
SQLParamOptions
SQLGetDescRecA
SQLNumParams
SQLNativeSql
VFreeErrors
SQLPrepare
SQLFetchScroll
SQLGetDiagField

advpack

SetPerUserSecValues
RunSetupCommand
AdvInstallFile
LaunchINFSection
GetVersionFromFile
RegInstall
RegisterOCX

kernel32

HeapFree
lstrcmpiA
DisconnectNamedPipe
IsBadStringPtrA
HeapCreate
GetEnvironmentVariableA
QueryDepthSList
DeleteFileA
GetProcessAffinityMask
HeapDestroy
DosDateTimeToFileTime
CreateFileA
InterlockedCompareExchange
ConnectNamedPipe
HeapQueryInformation
VirtualAlloc
VirtualFree
GetVersion
ReadFile
FileTimeToDosDateTime
ExitProcess
GetFileAttributesExA
SetFilePointer
WaitForMultipleObjects
InterlockedFlushSList
ReadFileEx
FileTimeToLocalFileTime
CallNamedPipeA
HeapReAlloc
TransactNamedPipe
FreeEnvironmentStringsA
GetFileTime
CloseHandle
GetSystemTimes
GetSystemInfo
HeapSize
GetEnvironmentStringsA
SwitchToThread
HeapAlloc
CreateNamedPipeA

Sections

.text
Size: 583KB - Virtual size: 583KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 536KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f25fd015dae46ddc14e2720ca954ff28

Headers

DLL Characteristics

File Characteristics

Imports

user32

odbc32

advpack

kernel32

Sections

.text Size: 583KB - Virtual size: 583KB

.data Size: 536KB - Virtual size: 536KB

.rsrc Size: 91KB - Virtual size: 3.1MB

.text
Size: 583KB - Virtual size: 583KB

.data
Size: 536KB - Virtual size: 536KB

.rsrc
Size: 91KB - Virtual size: 3.1MB