a5a87df9438c5b5f6e4dae6ce4f7e32e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5a87df9438c5b5f6e4dae6ce4f7e32e_JaffaCakes118
Size

188KB
MD5

a5a87df9438c5b5f6e4dae6ce4f7e32e
SHA1

bfb7da2b3e31b3ad6b0099e5eb367c819cf6e965
SHA256

f34f71587d0bcd35d8716656edd6ef1cc01bd3a05fb2912d1d926d48cc0e347e
SHA512

fa57e57e3cdddad84445ac271d7e951d9b7acef19d0336fa1bf1b327cbd3cf4683afce5b18b30084eaa21572a395e270cebe3a9c229a3a87d9623940fef6d2a5
SSDEEP

3072:ycOa8PGdRItPbbeW4azwDRxFNIIxEvOgB1XQ5jR2tYRpF09:ycOa8PGdRMb2aEl+gEvOgB1XQ5jhF09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5a87df9438c5b5f6e4dae6ce4f7e32e_JaffaCakes118

Files

a5a87df9438c5b5f6e4dae6ce4f7e32e_JaffaCakes118
.dll windows:4 windows x64 arch:x64

0f2853a8df02ef4a8d559088fd443df0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitThread
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__dllonexit
__iob_func
_amsg_exit
_initterm
_lock
_onexit
_setjmp
_unlock
abort
fflush
calloc
fprintf
free
fwrite
getenv
longjmp
malloc
memcpy
memmove
signal
sprintf
sscanf
strlen
strncmp
vfprintf

Exports

Exports

reloctbl
symtbl

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mreltbl
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.exptbl
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reltbl
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/26
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/48
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/70
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/92
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/114
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/136
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/158
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/180
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/202
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/224
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/246
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/268
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/290
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/312
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/334
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/356
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/378
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/400
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/422
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/444
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/459
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/471
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/485
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/497
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/510
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/521
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/532
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f2853a8df02ef4a8d559088fd443df0

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 7KB

.mreltbl Size: 512B - Virtual size: 64B

.exptbl Size: 6KB - Virtual size: 5KB

.reltbl Size: 9KB - Virtual size: 9KB

/4 Size: 512B - Virtual size: 16B

/26 Size: 512B - Virtual size: 16B

/48 Size: 512B - Virtual size: 16B

/70 Size: 512B - Virtual size: 16B

/92 Size: 512B - Virtual size: 16B

/114 Size: 512B - Virtual size: 16B

/136 Size: 512B - Virtual size: 16B

/158 Size: 512B - Virtual size: 16B

/180 Size: 512B - Virtual size: 16B

/202 Size: 512B - Virtual size: 16B

/224 Size: 512B - Virtual size: 16B

/246 Size: 512B - Virtual size: 16B

/268 Size: 512B - Virtual size: 16B

/290 Size: 512B - Virtual size: 16B

/312 Size: 512B - Virtual size: 16B

/334 Size: 512B - Virtual size: 16B

/356 Size: 512B - Virtual size: 16B

/378 Size: 512B - Virtual size: 16B

/400 Size: 512B - Virtual size: 16B

/422 Size: 512B - Virtual size: 16B

.rdata Size: 2KB - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1024B - Virtual size: 824B

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 89B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 104B

.reloc Size: 3KB - Virtual size: 2KB

/444 Size: 1024B - Virtual size: 880B

/459 Size: 45KB - Virtual size: 45KB

/471 Size: 6KB - Virtual size: 5KB

/485 Size: 5KB - Virtual size: 5KB

/497 Size: 3KB - Virtual size: 2KB

/510 Size: 512B - Virtual size: 302B

/521 Size: 12KB - Virtual size: 11KB

/532 Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 7KB

.mreltbl
Size: 512B - Virtual size: 64B

.exptbl
Size: 6KB - Virtual size: 5KB

.reltbl
Size: 9KB - Virtual size: 9KB

/4
Size: 512B - Virtual size: 16B

/26
Size: 512B - Virtual size: 16B

/48
Size: 512B - Virtual size: 16B

/70
Size: 512B - Virtual size: 16B

/92
Size: 512B - Virtual size: 16B

/114
Size: 512B - Virtual size: 16B

/136
Size: 512B - Virtual size: 16B

/158
Size: 512B - Virtual size: 16B

/180
Size: 512B - Virtual size: 16B

/202
Size: 512B - Virtual size: 16B

/224
Size: 512B - Virtual size: 16B

/246
Size: 512B - Virtual size: 16B

/268
Size: 512B - Virtual size: 16B

/290
Size: 512B - Virtual size: 16B

/312
Size: 512B - Virtual size: 16B

/334
Size: 512B - Virtual size: 16B

/356
Size: 512B - Virtual size: 16B

/378
Size: 512B - Virtual size: 16B

/400
Size: 512B - Virtual size: 16B

/422
Size: 512B - Virtual size: 16B

.rdata
Size: 2KB - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1024B - Virtual size: 824B

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 89B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 104B

.reloc
Size: 3KB - Virtual size: 2KB

/444
Size: 1024B - Virtual size: 880B

/459
Size: 45KB - Virtual size: 45KB

/471
Size: 6KB - Virtual size: 5KB

/485
Size: 5KB - Virtual size: 5KB

/497
Size: 3KB - Virtual size: 2KB

/510
Size: 512B - Virtual size: 302B

/521
Size: 12KB - Virtual size: 11KB

/532
Size: 1KB - Virtual size: 1KB