1aa3dbdf7260dcf6d821ecc6145fd4fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1aa3dbdf7260dcf6d821ecc6145fd4fe_JaffaCakes118
Size

65KB
MD5

1aa3dbdf7260dcf6d821ecc6145fd4fe
SHA1

4ff30bd32c81f36b9dda24e4ab49bf4f152c0cef
SHA256

cc72b6c2ccfd1f163aa7d7c6d9b93b834a4bc41a97ab1d61b79a5076538c6988
SHA512

1b4023fd7cca1097eb3c88b0c0e6884ec3e371b1f079b69c1b12fbae5b691824e4db66b05d67ee21a93114e46e29146a5fb37607bac29354690ab79016d6a58f
SSDEEP

1536:gyFND0bd7MXIgGQ9pD18Dl8CXFd6fimJuku/Tv2Qfk2WGu5jy/IYs:gyFND0WGQXyvXGfim+zXk2WGu5jgIYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aa3dbdf7260dcf6d821ecc6145fd4fe_JaffaCakes118

Files

1aa3dbdf7260dcf6d821ecc6145fd4fe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3470d32dd641cb4c22875e0a70a9efd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libpython2.6

PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyBool_FromLong
PyCFunction_Type
PyCObject_Import
PyClass_Type
PyDict_Clear
PyDict_DelItem
PyDict_GetItem
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyErr_Clear
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_NewException
PyErr_NoMemory
PyErr_Occurred
PyErr_Restore
PyErr_SetFromErrno
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyEval_GetRestricted
PyEval_RestoreThread
PyEval_SaveThread
PyExc_AttributeError
PyExc_EOFError
PyExc_IOError
PyExc_KeyError
PyExc_TypeError
PyExc_ValueError
PyFile_AsFile
PyFile_DecUseCount
PyFile_IncUseCount
PyFile_Type
PyFloat_FromDouble
PyFloat_Type
PyFunction_Type
PyImport_Import
PyImport_ImportModule
PyInstance_New
PyInstance_NewRaw
PyInstance_Type
PyInt_FromLong
PyInt_FromSsize_t
PyInt_Type
PyIter_Next
PyList_Append
PyList_New
PyList_SetSlice
PyList_Size
PyList_Type
PyLong_FromLong
PyLong_FromString
PyLong_FromVoidPtr
PyLong_Type
PyMem_Free
PyMem_Malloc
PyModule_AddIntConstant
PyModule_GetDict
PyOS_ascii_formatd
PyOS_ascii_strtod
PyOS_snprintf
PyObject_Call
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CallObject
PyObject_Compare
PyObject_Free
PyObject_GC_Track
PyObject_GC_UnTrack
PyObject_GenericGetAttr
PyObject_GenericSetAttr
PyObject_GetAttr
PyObject_GetAttrString
PyObject_GetIter
PyObject_HasAttrString
PyObject_Repr
PyObject_SetAttr
PyObject_SetItem
PyObject_Size
PyRun_StringFlags
PySequence_GetItem
PyString_AsString
PyString_DecodeEscape
PyString_Format
PyString_FromString
PyString_FromStringAndSize
PyString_InternFromString
PyString_Size
PyString_Type
PySys_GetObject
PyTuple_GetItem
PyTuple_New
PyTuple_Pack
PyTuple_Size
PyTuple_Type
PyType_IsSubtype
PyType_Ready
PyType_Type
PyUnicodeUCS2_AsUTF8String
PyUnicodeUCS2_DecodeRawUnicodeEscape
PyUnicodeUCS2_DecodeUTF8
PyUnicode_Type
Py_BuildValue
Py_FindMethod
Py_InitModule4
Py_VaBuildValue
_PyFloat_Pack8
_PyFloat_Unpack8
_PyLong_AsByteArray
_PyLong_FromByteArray
_PyLong_NumBits
_PyLong_Sign
_PyObject_GC_New
_PyObject_New
_PyString_Resize
_PyThreadState_Current
_Py_CheckRecursionLimit
_Py_CheckRecursiveCall
_Py_NoneStruct
_Py_TrueStruct
_Py_ZeroStruct

cygwin1

__errno
_impure_ptr
calloc
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
fread
free
fwrite
getc
malloc
memcpy
memset
realloc
strtol

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

initcPickle

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 400B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3470d32dd641cb4c22875e0a70a9efd5

Headers

File Characteristics

Imports

libpython2.6

cygwin1

kernel32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.data Size: 7KB - Virtual size: 6KB

/4 Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 400B

.edata Size: 512B - Virtual size: 74B

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 49KB - Virtual size: 48KB

.data
Size: 7KB - Virtual size: 6KB

/4
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 400B

.edata
Size: 512B - Virtual size: 74B

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB