5dbd105c121906317e183d3bc9ee8673_JaffaCakes118 | Triage

Sharing

General

Target

5dbd105c121906317e183d3bc9ee8673_JaffaCakes118
Size

141KB
MD5

5dbd105c121906317e183d3bc9ee8673
SHA1

a5f4cd37852d9d01181cff82bb82799f8e7e1c2d
SHA256

4cd271ee9cd37a55afc14b0728f9b6515b07462c949a9113a23a8767295d96ce
SHA512

a6ae088183918ee9ee60770e733ea3deb93cf793a8a52729021f0a16fc7d35fc8a1faf581ffb328e50c5a638449a483dd1785f2c027f2c676dd26e3ed40d955f
SSDEEP

3072:UObGG9e3TJKLLJ/mZsN8VrK/vBAemqkTRrrNTSZX:UaGG9ed+LVmON8VqpAAkFxTSZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dbd105c121906317e183d3bc9ee8673_JaffaCakes118

Files

5dbd105c121906317e183d3bc9ee8673_JaffaCakes118
.exe windows:5 windows x86 arch:x86

71a70004ba89aadcb24d544e3ee35125

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

odbctrac

TraceSQLCancel
TraceSQLBindCol

kernel32

ExitProcess
CreateEventW
OpenMutexA
CreateNamedPipeA
CreateFileMappingA
GetProcAddress
OpenFileMappingA
SetLocalTime
MoveFileExA
GetVersionExA
CreateMutexW
LoadLibraryExW
lstrcpyW
GetModuleHandleA
GetCommandLineW
WaitForSingleObject

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSrC
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ