29befbc6c8f7f6405dbeb5b3641ecda1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29befbc6c8f7f6405dbeb5b3641ecda1_JaffaCakes118
Size

204KB
MD5

29befbc6c8f7f6405dbeb5b3641ecda1
SHA1

126d09b5f0ce20e8641d962c4cd2d317cd7f3559
SHA256

15b140103e0ae309e971e6cbf60cc369a4d04e504009bbb4f64f8a5b8291b70f
SHA512

3ccf021cb95651a203a087c2f789134aa73eb429d6a28ed193952033748e4f31ee390146d1df682fa8226c4c6c75a9ddc0bf4f7911e79363bfa989f13237a684
SSDEEP

3072:6Fr/n5sE+9oWcexATaggljmeIK3BpeIFciV3jU4nEvlTaPxpg0Vi8KGLYoLW:AEoWcoSIKIFc0N4kEc1ny

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29befbc6c8f7f6405dbeb5b3641ecda1_JaffaCakes118

Files

29befbc6c8f7f6405dbeb5b3641ecda1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1c8f12b4d0a0c3e3ea14abc2fc892886

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_AREA\jdk6\control\build\windows-i586\tmp\sun\sun.instrument\instrument\obj\instrument.pdb

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetACP
GetLocaleInfoA
GetUserDefaultLCID
IsDBCSLeadByte
GetLastError
FindClose
FindFirstFileA
HeapFree
HeapAlloc
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetFullPathNameA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ExitProcess
TerminateProcess
GetCurrentProcess
LoadLibraryA
LCMapStringA
LCMapStringW
GetDriveTypeA
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
GetCPInfo
GetOEMCP
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
SetFilePointer
CloseHandle
HeapSize
SetStdHandle
ReadFile
CreateFileA
SetEndOfFile

Exports

Exports

Agent_OnAttach
_Agent_OnLoad@12
_Agent_OnUnload@4
_Java_sun_instrument_InstrumentationImpl_appendToClassLoaderSearch0@24
_Java_sun_instrument_InstrumentationImpl_getAllLoadedClasses0@16
_Java_sun_instrument_InstrumentationImpl_getInitiatedClasses0@20
_Java_sun_instrument_InstrumentationImpl_getObjectSize0@20
_Java_sun_instrument_InstrumentationImpl_isModifiableClass0@20
_Java_sun_instrument_InstrumentationImpl_isRetransformClassesSupported0@16
_Java_sun_instrument_InstrumentationImpl_redefineClasses0@20
_Java_sun_instrument_InstrumentationImpl_retransformClasses0@20
_Java_sun_instrument_InstrumentationImpl_setHasRetransformableTransformers@20
_Java_sun_instrument_InstrumentationImpl_setNativeMethodPrefixes@24

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c8f12b4d0a0c3e3ea14abc2fc892886

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 8KB - Virtual size: 4KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 108KB - Virtual size: 108KB