3dbe3b43a56864e5e5afdc06b4ac1bbd_JaffaCakes118 | Triage

Sharing

General

Target

3dbe3b43a56864e5e5afdc06b4ac1bbd_JaffaCakes118
Size

246KB
MD5

3dbe3b43a56864e5e5afdc06b4ac1bbd
SHA1

5c4ace2593cd4534028126ea163b2a4727415a80
SHA256

b4db33d02a50ce81fc63a9f84f755bda4af94e3ab2e645028c7d8739b3442b42
SHA512

9b763add883ad4c93951825d0ca578d22a0dec7551d34c17a5a1dfcafbaa45b8ad4b40672e2a0b6371316a15bc8312d18177644a3184f69d1b502fd3fb0c16b9
SSDEEP

3072:D5al17pnvXgd71P1tAyQxF7yGHJRbdmhso4G8RIo525hCBa54uLl0lW4dwFZWlza:kcxP1anJRb88RIo5iL482IaQUFKfkGr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dbe3b43a56864e5e5afdc06b4ac1bbd_JaffaCakes118

Files

3dbe3b43a56864e5e5afdc06b4ac1bbd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

007f7209ce5b21b4494bce189afaa5e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleW
OutputDebugStringW
GetThreadSelectorEntry
GetTickCount
QueryPerformanceFrequency
RaiseException

user32

DdeDisconnect

odbc32

SQLFreeHandle

advapi32

RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 811KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ