0c64b9bdfba4ed81a1b20cdd2be3e4d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c64b9bdfba4ed81a1b20cdd2be3e4d3_JaffaCakes118
Size

32KB
MD5

0c64b9bdfba4ed81a1b20cdd2be3e4d3
SHA1

7502cb3f2f5e62a72ba9ccbc9ac7ca4ff4da1829
SHA256

1c87f1d1fc65d9e59ab1bf07b24a708bf1ed654adf024f9196e48f6273c99a6c
SHA512

9d761757ca3480ebb080a2a3ca3f492a4f1acbdb3bc1998a56b555f70447acf791c038c820c9c470e16879059e39d98044b89d32cb11335d81ae7773cd36ce34
SSDEEP

384:AGHKtpHP2EVQT+hwSKId0npXJon6yZIr+RLvZENaLoejCdGVtaBiZzwPSOhjNqfF:HAplCfEOXrZSRLvONqoxiY8NwTjNqGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c64b9bdfba4ed81a1b20cdd2be3e4d3_JaffaCakes118

Files

0c64b9bdfba4ed81a1b20cdd2be3e4d3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2a87b8b2250a994cb4740a5eae2b09e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

cyggcc_s-1

__deregister_frame_info
__register_frame_info

cygwin1

__assert_func
__getreent
_impure_ptr
abort
calloc
cygwin_create_path
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
fprintf
free
fwrite
longjmp
malloc
memcpy
realloc
setjmp
strlen
vsnprintf

cygjpeg-7

jpeg_CreateDecompress
jpeg_calc_output_dimensions
jpeg_destroy_decompress
jpeg_finish_decompress
jpeg_read_header
jpeg_read_scanlines
jpeg_resync_to_restart
jpeg_set_marker_processor
jpeg_start_decompress
jpeg_std_error

kernel32

GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

cygmagickcore-1

LoadImagesTag
LoadImageTag
LoadImageTag
LoadImageTag
LoadImageTag
LoadImageTag
LoadImageTag
LoadImageTag
AcquireQuantumMemory
AcquireStringInfo
AllocateImage
AllocateImageColormap
AllocateNextImage
AppendImageToList
CloneImageInfo
CloseBlob
ConcatenateStringInfo
ConstantString
CopyMagickMemory
CopyMagickString
DestroyImage
DestroyImageInfo
DestroyImageList
DestroyString
FormatMagickString
GetBlobSize
GetFirstImageInList
GetImagePixels
GetImageProfile
GetImageProperty
GetIndexes
GetNextImageInList
GetStringInfoDatum
GetStringInfoLength
InheritException
InvokeDelegate
IsAccessible
LoadImageTag
LoadImagesTag
LocaleCompare
LocaleNCompare
LogMagickEvent
NewImageList
OpenBlob
ParseGeometry
ReadBlob
ReadBlobByte
ReadBlobLSBLong
ReadBlobLSBShort
ReadImage
RegisterMagickInfo
RelinquishMagickMemory
RelinquishUniqueFileResource
ResetMagickMemory
SetImageExtent
SetImagePixels
SetImageProfile
SetImageProperty
SetMagickInfo
SyncImagePixels
SyncNextImageInList
TellBlob
ThrowMagickException
UnregisterMagickInfo

Exports

Exports

RegisterAVIImage
UnregisterAVIImage

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 304B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a87b8b2250a994cb4740a5eae2b09e8

Headers

DLL Characteristics

File Characteristics

Imports

cyggcc_s-1

cygwin1

cygjpeg-7

kernel32

cygmagickcore-1

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 3KB

/4 Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 304B

.edata Size: 512B - Virtual size: 104B

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 3KB

/4
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 304B

.edata
Size: 512B - Virtual size: 104B

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB