12e45bcd0eeefd8ec3707a857e85b2fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12e45bcd0eeefd8ec3707a857e85b2fe_JaffaCakes118
Size

665KB
MD5

12e45bcd0eeefd8ec3707a857e85b2fe
SHA1

d7e81fb327934a454e672f99d7d39e5247cfce9d
SHA256

5424634bd8939eb3d28e0fc1babea7d69c977f72db96fa6d08b00507b391a7a4
SHA512

7c2ec69bb3f32392c624001dbfe6e9564ae163d77024b7059f752815b40af7d8afd5572bfffcb7e82aad8ab1863f80506a3a671b753b0a8fab31cbdabcac4ed2
SSDEEP

12288:MaFHoxJ8gf6266y8IXhJvCKAzqVLzcrZgYIMGv1iLD9yQvG6h:MCHoxJFf6p3Xhcrn5Go9yQO6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e45bcd0eeefd8ec3707a857e85b2fe_JaffaCakes118

Files

12e45bcd0eeefd8ec3707a857e85b2fe_JaffaCakes118
.dll windows:5 windows x86 arch:x86

97d5216be2922cadc5f3fb7fc4071be6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

__CppXcptFilter
__clean_type_info_names_internal
_unlock
_adjust_fdiv
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
memset
calloc
free
_wassert
memcpy
_aligned_free
__dllonexit
_aligned_malloc

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Exports

Exports

ec_free_context
ec_free_point
ec_ws_add
ec_ws_clone
ec_ws_cmp
ec_ws_copy
ec_ws_double
ec_ws_get_xy
ec_ws_is_pai
ec_ws_neg
ec_ws_new_context
ec_ws_new_point
ec_ws_normalize
ec_ws_scalar
init_ec_ws

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 631KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ