7feaa0bd710b89f5e0ea44193abd97b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7feaa0bd710b89f5e0ea44193abd97b6_JaffaCakes118
Size

340KB
MD5

7feaa0bd710b89f5e0ea44193abd97b6
SHA1

461ec30bfeb4b7760b86c9564aee09d41c164164
SHA256

a46a70aca92d3676b93f46b02be068aafc883e9ecba1c66b039da9a0613ccc19
SHA512

1f9b37494b2251cd6af3f2e87eb3b4d977cc198745f96f8411f238902ea2998beea118550b8e926457dba092b9156e0e486578a1fc6779bcfb16698584395bb7
SSDEEP

6144:Iw19ObqjbQXJfmCDwwbqpGl0ExDPBjfQ/2GomCbH5cV1bCrDuGKwuqrplnyHtsHt:IIrbDD15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7feaa0bd710b89f5e0ea44193abd97b6_JaffaCakes118

Files

7feaa0bd710b89f5e0ea44193abd97b6_JaffaCakes118
.dll windows:6 windows x86 arch:x86

57738c9ef80cfefc5074fdf8c6a777aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python34

PyList_Type
PyExc_FloatingPointError
PyExc_IndexError
PyExc_KeyError
PyComplex_Type
PyExc_RuntimeWarning
PyObject_Repr
PyUnicode_Concat
PyErr_SetObject
PyFloat_Type
PyBool_Type
_Py_NotImplementedStruct
PySequence_GetItem
PySequence_Size
PyObject_CallFunctionObjArgs
PyObject_CallFunction
PyObject_CallObject
PyEval_RestoreThread
PyEval_SaveThread
PyEval_GetBuiltins
Py_BuildValue
PyArg_ParseTupleAndKeywords
PyOS_snprintf
PyErr_ExceptionMatches
PyErr_WarnEx
PyGILState_Release
PyGILState_Ensure
PyThreadState_GetDict
PyDict_Next
PyDict_SetItem
PyDict_GetItem
PyDict_New
PyList_New
PyLong_FromLongLong
PyLong_AsLongAndOverflow
PyLong_AsLong
PyUnicode_AsASCIIString
PyUnicode_InternFromString
PyUnicode_FromFormat
PyUnicode_FromString
PyUnicode_FromStringAndSize
PyBytes_ConcatAndDel
PyBytes_FromFormat
PyMem_Free
PyMem_Realloc
PyObject_HasAttrString
PyType_IsSubtype
PyObject_CallMethod
PyEval_CallObjectWithKeywords
PyTuple_Size
PyTuple_New
PyExc_ValueError
PyExc_TypeError
PyExc_RuntimeError
PyExc_ImportError
PyExc_AttributeError
PyCapsule_Type
_Py_TrueStruct
_Py_FalseStruct
_Py_NoneStruct
PyNumber_Or
PyNumber_Xor
PyNumber_And
PyNumber_Rshift
PyNumber_Lshift
PyNumber_Invert
PyNumber_Absolute
PyNumber_Negative
PyNumber_Power
PyNumber_Remainder
PyNumber_TrueDivide
PyNumber_FloorDivide
PyNumber_Multiply
PyNumber_Subtract
PyNumber_Add
PyImport_ImportModule
PyModule_Create2
PyModule_AddStringConstant
PyModule_AddIntConstant
PyModule_AddObject
PyArg_ParseTuple
PyErr_Format
PyErr_NoMemory
PyErr_Clear
PyErr_Occurred
PyErr_SetString
PyCapsule_GetPointer
PyCapsule_New
PyModule_GetDict
PyDict_SetItemString
PyDict_GetItemString
PyFloat_FromDouble
PyBytes_AsStringAndSize
PyLong_FromLong
PyBytes_FromString
PyObject_Init
PyMem_Malloc
PyCallable_Check
PyObject_Not
PyObject_IsTrue
PyObject_GetAttrString
PyObject_RichCompareBool
PyExc_NameError
PyType_Ready

msvcr120

__crtTerminateProcess
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
_except1
nextafterl
nextafterf
nextafter
floor
ceil
_libm_sse2_tan_precise
_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
_libm_sse2_log_precise
_libm_sse2_log10_precise
_libm_sse2_exp_precise
_libm_sse2_cos_precise
_libm_sse2_atan_precise
_libm_sse2_asin_precise
_libm_sse2_acos_precise
_CItanh
_CIsinh
_CIfmod
_CIcosh
truncl
rintl
log2l
log1pl
expm1l
exp2l
copysignl
atanhl
asinhl
acoshl
truncf
rintf
log2f
log1pf
exp2f
expm1f
copysignf
atanhf
asinhf
acoshf
modf
trunc
rint
log2
log1p
expm1
exp2
atanh
asinh
acosh
_copysign
strncmp
sprintf
fprintf
__iob_func
_statusfp2
_clearfp
_libm_sse2_pow_precise
ldexp
frexp
_fdsign
_dsign
_fdclass
_dclass
_isnan
_finite
memset
memcpy
__crtUnhandledException

kernel32

IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent

Exports

Exports

PyInit_umath

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57738c9ef80cfefc5074fdf8c6a777aa

Headers

DLL Characteristics

File Characteristics

Imports

python34

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 232KB - Virtual size: 232KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 88KB - Virtual size: 92KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 232KB - Virtual size: 232KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 88KB - Virtual size: 92KB

.reloc
Size: 10KB - Virtual size: 9KB