22662982d0394d64d1c337945f9985d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22662982d0394d64d1c337945f9985d7_JaffaCakes118
Size

78KB
MD5

22662982d0394d64d1c337945f9985d7
SHA1

85bfb84e0a54714a6385be25b5fe820d9a0f472b
SHA256

92fe0a0a91aef7a9563f7c16f0d7cc32ab242ad856c2a030907b0f943a66a011
SHA512

0cbfb89d44d3c9a9c2671e1f122de0ac82d26528d9c842dc57493bfa2b808944b891781e83b8041807a56e9553de1d7e1985da198ca9c7fb066ab20e0347db08
SSDEEP

1536:EXIQoxqY/CLWpkTFSDgUamC64HdtJfbIAqpTfO5Wem2/f:aIQoNCLWpkTF65aJfbIAuTfKn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22662982d0394d64d1c337945f9985d7_JaffaCakes118

Files

22662982d0394d64d1c337945f9985d7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9374d5ba1d1e0327ac08b1386d906167

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_AREA\jdk6\control\build\windows-i586\tmp\java\hpi\windows_threads\obj\hpi.pdb

Imports

msvcr71

_onexit
__dllonexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
strcmp
_beginthreadex
_endthreadex
strerror
memset
_setmode
_control87
raise
signal
_stati64
_fstati64
_lseeki64
_get_osfhandle
_errno
strcpy
_iob
isalpha
calloc
free
realloc
malloc
strncpy
sprintf
strlen
_strdup
_open
_read
_write
_close

kernel32

EnterCriticalSection
DisableThreadLibraryCalls
TlsAlloc
GetVersionExA
GetCurrentProcess
GetCurrentThreadId
DuplicateHandle
TlsSetValue
GetCurrentThread
GetThreadTimes
SuspendThread
TlsGetValue
SetThreadPriority
GetThreadPriority
ResumeThread
GetThreadContext
VirtualQuery
FormatMessageA
Sleep
SystemTimeToFileTime
GetSystemTime
GetTickCount
CreateEventA
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
PeekNamedPipe
SetHandleInformation
GetLastError
LoadLibraryA
FreeLibrary
GetProcAddress
GetSystemInfo
VirtualAlloc
VirtualFree
InitializeCriticalSection
CloseHandle
LeaveCriticalSection
CreateSemaphoreA
IsDBCSLeadByte
WaitForSingleObject
ReleaseSemaphore
SetEvent
ResetEvent

Exports

Exports

DLL_Initialize

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9374d5ba1d1e0327ac08b1386d906167

Headers

File Characteristics

PDB Paths

Imports

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 848B

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 1KB - Virtual size: 1KB

.text Size: 62KB - Virtual size: 64KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 848B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 62KB - Virtual size: 64KB