2e247aa58036f60dea6391ef4a1444f6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2e247aa58036f60dea6391ef4a1444f6_JaffaCakes118
Size

16KB
MD5

2e247aa58036f60dea6391ef4a1444f6
SHA1

e41b42c973e8ff423981991a133876e949407965
SHA256

8c1c01f51cdf05ebf0d7a17748990cba28ffb2d506d06ab0b6aa56c2b3760eaf
SHA512

0f36db1a403aa4b3e4d255718c1b769f850ca36cee01a273a89588918b02a9c86dcac1b8435f2db85b64fa4f3ae63e9e09d0332547c84ebc5be315120afb6783
SSDEEP

384:skF53wvnjt5V38HzMxWfBgMdxHLkZl+eBv9B7ieE:s+53kjt5eAQfGMdxHwZl+S9B7LE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e247aa58036f60dea6391ef4a1444f6_JaffaCakes118

Files

2e247aa58036f60dea6391ef4a1444f6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a9f113c2c08f4a2ee2e0d25ec7fecb18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

PDB Paths

Imports

msys-gcc_s-1

__deregister_frame_info
__register_frame_info

msys-2.0

__cxa_atexit
__stack_chk_fail
__stack_chk_guard
_impure_ptr
calloc
cygwin_internal
dll_dllcrt0
free
malloc
msys_detach_dll
posix_memalign
realloc

kernel32

FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA

msys-perl5_26

Perl_av_extend
Perl_av_fetch
Perl_av_len
Perl_av_pop
Perl_av_push
Perl_av_store
Perl_croak_nocontext
Perl_croak_xs_usage
Perl_newRV
Perl_newRV_noinc
Perl_newSV_type
Perl_newSViv
Perl_newSVnv
Perl_newSVpvn
Perl_newSVuv
Perl_newXS_deffile
Perl_sv_2iv_flags
Perl_sv_2mortal
Perl_sv_2nv_flags
Perl_sv_2pv_flags
Perl_sv_2uv_flags
Perl_sv_setiv
Perl_sv_setnv
Perl_xs_boot_epilog
Perl_xs_handshake

Exports

Exports

__gcc_deregister_frame
__gcc_register_frame
boot_Math__BigInt__FastCalc
hmod_libgcc

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 268B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9f113c2c08f4a2ee2e0d25ec7fecb18

Headers

File Characteristics

PDB Paths

Imports

msys-gcc_s-1

msys-2.0

kernel32

msys-perl5_26

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 68B

.rdata Size: 1KB - Virtual size: 1KB

.buildid Size: 512B - Virtual size: 53B

/4 Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 268B

.edata Size: 512B - Virtual size: 177B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 436B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 68B

.rdata
Size: 1KB - Virtual size: 1KB

.buildid
Size: 512B - Virtual size: 53B

/4
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 268B

.edata
Size: 512B - Virtual size: 177B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 436B