140fbd05ebe0a77ffbda49890df216ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

140fbd05ebe0a77ffbda49890df216ed_JaffaCakes118
Size

438KB
MD5

140fbd05ebe0a77ffbda49890df216ed
SHA1

6ce2f5718ea4e6d84a86875f98589c38d3c9854a
SHA256

16bc0c8dfdf84ca187b6c7f6a01876358fccda7eb6e58d9e4b6cbde0be381d5e
SHA512

885e313676b3b0a6d7d1fc63d5851bdec6a1cd545788b91e8b0260a0f2f49dc656384c14d4ff524ddfda158dbbadfd2d63e487f121f7c41868af8189db1f29a7
SSDEEP

6144:k+5mBWIOZlpmD7C4u5tG/MyB0F9ybz0yZTivW/STsFs/bp:k+5mBfAmPC4u5c/MES9yXZTxYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140fbd05ebe0a77ffbda49890df216ed_JaffaCakes118

Files

140fbd05ebe0a77ffbda49890df216ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\builds\moz2_slave\rel-m-rel-w32_bld-000000000000\build\obj-firefox\ipc\app\plugin-container.pdb

Exports

Exports

?ProvideLogFunction@sandboxing@mozilla@@YAXP6AXPBD00_NI@Z@Z
IsSandboxedProcess
_TargetCreateNamedPipeW@36
_TargetCreateProcessA@44
_TargetCreateProcessW@44
_TargetGdiDllInitialize@12
_TargetGetStockObject@8
_TargetNtCreateEvent@24
_TargetNtCreateFile@48
_TargetNtCreateKey@32
_TargetNtMapViewOfSection@44
_TargetNtOpenEvent@16
_TargetNtOpenFile@28
_TargetNtOpenKey@16
_TargetNtOpenKeyEx@20
_TargetNtOpenProcess@20
_TargetNtOpenProcessToken@16
_TargetNtOpenProcessTokenEx@20
_TargetNtOpenThread@20
_TargetNtOpenThreadToken@20
_TargetNtOpenThreadTokenEx@24
_TargetNtQueryAttributesFile@12
_TargetNtQueryFullAttributesFile@12
_TargetNtSetInformationFile@24
_TargetNtSetInformationThread@20
_TargetNtUnmapViewOfSection@12
_TargetRegisterClassW@8
g_handles_to_close
g_interceptions
g_nt
g_originals
g_shared_IPC_size
g_shared_delayed_integrity_level
g_shared_delayed_mitigations
g_shared_policy_size
g_shared_section

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ifc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 9KB - Virtual size: 8KB

.ifc Size: 1KB - Virtual size: 4KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 9KB - Virtual size: 8KB

.ifc
Size: 1KB - Virtual size: 4KB