2ec432d21e3ae1d889805589f13d3829_JaffaCakes118

General

Target

2ec432d21e3ae1d889805589f13d3829_JaffaCakes118
Size

6.6MB
MD5

2ec432d21e3ae1d889805589f13d3829
SHA1

c09d8e30f586ddabdf25fe98f70bf2a7e82e3677
SHA256

0f0dbc6c098d96c2cc8ae3b10c6d6c12ab7fa1ce32803a439c0999b72b278b28
SHA512

7a43ab9e69bca8109d3471e0bd746d0709833c87c7ff1d21da77307d92bdb0f6a97ebb3cd92c81a4b96082eb964a8693e8a862021917c109ca59ee4d1d4c8988
SSDEEP

49152:sas0C1OyzCj+b6Oaxr+dBm+5oViG6pF1SB5+wywBabtSU012NPaHd537Une5ZTW7:Bs06EPKdBV5CXJXOJdA/3A0ZTFVaBISp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ec432d21e3ae1d889805589f13d3829_JaffaCakes118

Files

2ec432d21e3ae1d889805589f13d3829_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mrt.pdb

Exports

Exports

FPU_f2xm1
FPU_fabs
FPU_fadd
FPU_fbld
FPU_fbst
FPU_fchs
FPU_fcom
FPU_fcomi
FPU_fcos
FPU_fdiv
FPU_fdivr
FPU_fild_s16
FPU_fild_s32
FPU_fild_s64
FPU_finit
FPU_fist_s16
FPU_fist_s32
FPU_fist_s64
FPU_fistt_s16
FPU_fistt_s32
FPU_fistt_s64
FPU_fld1
FPU_fld_double
FPU_fld_ext
FPU_fld_single
FPU_fldenv_16
FPU_fldenv_32
FPU_fldl2e
FPU_fldl2t
FPU_fldlg2
FPU_fldln2
FPU_fldpi
FPU_fldz
FPU_fmul
FPU_fpatan
FPU_fprem
FPU_fprem1
FPU_fptan
FPU_frndint
FPU_fscale
FPU_fsin
FPU_fsincos
FPU_fsqrt
FPU_fst_double
FPU_fst_ext
FPU_fst_single
FPU_fstenv_16
FPU_fstenv_32
FPU_fstsw
FPU_fsub
FPU_fsubr
FPU_ftst
FPU_fucom
FPU_fucomi
FPU_fxam
FPU_fxch
FPU_fxtract
FPU_fyl2x
FPU_fyl2xp1
FPU_get_reg
FPU_initialize
FPU_pop
FPU_push
FPU_set_rndprec

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 46KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.heb
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.data Size: 46KB - Virtual size: 403KB

.rsrc Size: 4.9MB - Virtual size: 4.9MB

.heb Size: 1KB - Virtual size: 4KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 46KB - Virtual size: 403KB

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

.heb
Size: 1KB - Virtual size: 4KB