aef443841425f3f2e2181f5a2b208c95_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aef443841425f3f2e2181f5a2b208c95_JaffaCakes118
Size

105KB
MD5

aef443841425f3f2e2181f5a2b208c95
SHA1

d88f8ed8984c5bc0cf64a9b8423ecb0b4e681957
SHA256

d6a61b36fd46625bba5e6adefa2a0e44d7cab217efb9b2e6de09c8fc943b9e1c
SHA512

21b140c50469c82839fac19c4944b34758773c966cf1f6f7268f92f19ea7085d7d1179e194872cb249863cf0879aec12e8d11f2bd085b06a45faf2a799113dcb
SSDEEP

1536:Ciebuyfqi02MaKkEM53ySspVfKfupf5CqlUBr/a2lolQ:5Euy502MaEM5nsffvd5QBr/ya

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aef443841425f3f2e2181f5a2b208c95_JaffaCakes118

Files

aef443841425f3f2e2181f5a2b208c95_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ac9a63733566a8538a4fda344b6d835

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

nss3

PR_NewLock
PR_DestroyLock
PR_CallOnce
PR_Lock
PR_GetThreadPrivate
PR_AssertCurrentThreadOwnsLock
PR_SetThreadPrivate
PR_NewThreadPrivateIndex
PR_WaitCondVar
PR_EnterMonitor
PR_ExitMonitor
PR_Wait
PR_AssertCurrentThreadInMonitor
PR_FileDesc2NativeHandle
PR_GetCurrentThread
PR_IntervalNow
PR_sscanf
PR_Seek64
PR_Unlock
PR_SetCurrentThreadName
PR_Assert
PR_dtoa
PR_Free
PR_Now

xul

NS_CStringCopy
NS_CStringContainerFinish
NS_CStringContainerInit2
NS_CStringContainerInit
NS_LogCOMPtrRelease
NS_LogCOMPtrAddRef
NS_LogDtor
NS_LogCtor
NS_DebugBreak
NS_StringContainerInit
NS_StringContainerInit2
NS_StringContainerFinish
NS_CStringCloneData
NS_CStringSetData
NS_CStringSetDataRange
NS_CStringToUTF16
NS_GetServiceManager
NS_GetComponentManager
NS_LogAddRef
NS_LogRelease
?_external_GetObserverService@services@mozilla@@YG?AU?$already_AddRefed@VnsIObserverService@@@@XZ
??0GCCellPtr@JS@@QAE@PAXW4TraceKind@1@@Z
??0GCCellPtr@JS@@QAE@PAVJSFunction@@@Z
??0GCCellPtr@JS@@QAE@ABVValue@1@@Z
?checkedCast@GCCellPtr@JS@@CAIPAXW4TraceKind@2@@Z
?outOfLineKind@GCCellPtr@JS@@ABE?AW4TraceKind@2@XZ
NS_GetMemoryManager
NS_StringGetData
NS_StringGetMutableData
NS_StringSetDataRange
NS_StringCopy
NS_CStringGetMutableData
NS_UTF16ToCString
NS_CStringGetData

kernel32

IsProcessorFeaturePresent
DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoA
SetThreadPriority
GetCurrentThread
VerSetConditionMask
CloseHandle
OutputDebugStringA
IsDebuggerPresent
SetFilePointerEx
SetEndOfFile
ReadFile
CreateFileW
GetCurrentProcess
TerminateProcess

msvcr120

_fmode
__initenv
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
_wfopen
_snprintf
ftell
_commode
fread
wcspbrk
wcsncmp
wcschr
strpbrk
strncpy
strchr
wcstol
strtol
_purecall
memset
memcmp
_dup
_vscprintf
vfprintf
fputs
_fdopen
fclose
srand
rand
memcpy
_vsnprintf
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_invoke_watson
_controlfp_s
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
fseek
__iob_func
fflush
fprintf
printf
exit
_hypot
memmove

mozglue

realloc
moz_xmalloc
free
strdup
?gChaosFeatures@detail@mozilla@@3W4ChaosFeature@2@A
malloc
?gChaosModeCounter@detail@mozilla@@3V?$Atomic@I$01X@2@A
wcsdup
moz_xrealloc

advapi32

CryptVerifySignatureW

Sections

.sxdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ac9a63733566a8538a4fda344b6d835

Headers

DLL Characteristics

File Characteristics

Imports

nss3

xul

kernel32

msvcr120

mozglue

advapi32

Sections

.sxdata Size: 74KB - Virtual size: 73KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.l1 Size: 6KB - Virtual size: 6KB

.sxdata
Size: 74KB - Virtual size: 73KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB

.l1
Size: 6KB - Virtual size: 6KB