75931109db1ad58aee61d29f15b843b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75931109db1ad58aee61d29f15b843b1_JaffaCakes118
Size

127KB
MD5

75931109db1ad58aee61d29f15b843b1
SHA1

4222d2f530594fc1a168cca381a4929ec3d879be
SHA256

9d152f53fc2ece08afdafecd717cdd15dc75d71f247fa26c2c2a62a2514fd689
SHA512

49fef6e256c61eae3cffc9ce1cf54ed10296b169342db1f2b0316a99544f7a94c738622c34b8d1f5f593a417a69ee5c0eacc3a6920d13520a77c9887fbd34be1
SSDEEP

3072:d5n2rAkWbkSGZNt78EOMVAEMCj3gQpCELYoz8EeWWt94Tyhw:b2rAkAGrtBOMVA5WhLNo3bhw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75931109db1ad58aee61d29f15b843b1_JaffaCakes118

Files

75931109db1ad58aee61d29f15b843b1_JaffaCakes118
.dll windows:6 windows x86 arch:x86

013643dbdfdd1c44c67f3c1036bd04b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python27

PyErr_NoMemory
PyErr_Format
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
Py_BuildValue
Py_InitModule4
PyRun_StringFlags
PyEval_GetBuiltins
PyObject_CallObject
PyObject_CallFunction
PyObject_CallMethod
PyErr_Clear
PyType_Type
_Py_NoneStruct
PyString_Type
PyList_Type
PyDict_Type
PyExc_AttributeError
PyExc_IndexError
PyExc_RuntimeError
PyExc_SyntaxError
PyExc_TypeError
PyExc_ValueError
PyErr_Occurred
PyErr_SetString
Py_FindMethod
PyDict_SetItemString
PyDict_GetItemString
PyDict_Update
PyDict_Copy
PyDict_Size
PyDict_Items
PyDict_Keys
PyDict_SetItem
PyDict_GetItem
PyDict_New
PyList_Append
PyList_SetItem
PyList_New
PyTuple_New
_PyString_Resize
PyString_ConcatAndDel
PyString_FromString
PyString_FromStringAndSize
PyUnicodeUCS2_DecodeUTF8
PyInt_FromLong
PyUnicodeUCS2_Decode
PyUnicodeUCS2_FromUnicode
_PyObject_New
PyObject_Free
PyObject_Realloc
PyObject_Malloc
PyObject_GetAttrString
PyObject_Compare
PySequence_GetSlice
PyObject_Repr

msvcr110

__crtTerminateProcess
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
realloc
malloc
free
memmove
memset
memcpy
sprintf
__crtUnhandledException

kernel32

IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent

Exports

Exports

initcElementTree

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

013643dbdfdd1c44c67f3c1036bd04b3

Headers

DLL Characteristics

File Characteristics

Imports

python27

msvcr110

kernel32

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 7KB - Virtual size: 7KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 7KB - Virtual size: 7KB

.reloc
Size: 6KB - Virtual size: 6KB