2ff5e4e480315e42999e02412e675b59_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ff5e4e480315e42999e02412e675b59_JaffaCakes118
Size

186KB
MD5

2ff5e4e480315e42999e02412e675b59
SHA1

c8c123b2a2d05f5642b5ff8b42535dc675e53d0d
SHA256

aca5ba4a4db7f82256fba44c0a2041e59f7f12b67baf4cc9752c7b2e073b220a
SHA512

03504c134206b3a7d72184a7ed1b352ad543a3281fb1d08d2bf8a63cf996e66936537d4f032b246d7a9437f85af7bf8c1e13cb714bd702dad8168d761fdd1492
SSDEEP

3072:hAspK62I4m3ARoRyjdUWHK+APJSD0VbMzZFrkCwqKCoOxTIUbwRX9j+m6I800JNt:hAspK62I4m3ARoRyjdUWHK+APJSD0VbC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ff5e4e480315e42999e02412e675b59_JaffaCakes118

Files

2ff5e4e480315e42999e02412e675b59_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1804ca53d54dec1029000e268593bc21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_20\control\build\WINDOW~1\tmp\java\java.lang.management\management\obj\management.pdb

Imports

java

JNU_NewObjectByName
_JNU_ThrowIOException@8
_JNU_ThrowOutOfMemoryError@8
_JNU_ThrowInternalError@8
_JNU_ThrowNullPointerException@8
_JNU_ThrowIllegalArgumentException@8
_JNU_ThrowIOExceptionWithLastError@8
_JNU_GetStaticFieldByName@20
_JNU_GetStringPlatformChars@12
_JNU_ReleaseStringPlatformChars@12

jvm

_JVM_ActiveProcessorCount@0
_JVM_GetManagement@4
_JVM_GetAllThreads@8

advapi32

EqualSid

msvcr71

_onexit
sprintf
__dllonexit
free
strchr
malloc
_strdup
_errno
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3

kernel32

DisableThreadLibraryCalls
GetProcessTimes
GlobalMemoryStatus
FreeLibrary
GetVersionExA
LoadLibraryA
GetProcAddress
GetLastError
GetVolumeInformationA
GetCurrentProcess

Exports

Exports

_JNI_OnLoad@8
_Java_com_sun_management_OperatingSystem_getCommittedVirtualMemorySize0@8
_Java_com_sun_management_OperatingSystem_getFreePhysicalMemorySize@8
_Java_com_sun_management_OperatingSystem_getFreeSwapSpaceSize@8
_Java_com_sun_management_OperatingSystem_getProcessCpuTime@8
_Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8
_Java_com_sun_management_OperatingSystem_getTotalSwapSpaceSize@8
_Java_com_sun_management_OperatingSystem_initialize@8
_Java_sun_management_ClassLoadingImpl_setVerboseClass@12
_Java_sun_management_FileSystemImpl_init0@8
_Java_sun_management_FileSystemImpl_isAccessUserOnly0@12
_Java_sun_management_FileSystemImpl_isSecuritySupported0@12
_Java_sun_management_Flag_getAllFlagNames@8
_Java_sun_management_Flag_getFlags@20
_Java_sun_management_Flag_getInternalFlagCount@8
_Java_sun_management_Flag_initialize@8
_Java_sun_management_Flag_setBooleanValue@16
_Java_sun_management_Flag_setLongValue@20
_Java_sun_management_Flag_setStringValue@16
_Java_sun_management_GarbageCollectorImpl_getCollectionCount@8
_Java_sun_management_GarbageCollectorImpl_getCollectionTime@8
_Java_sun_management_GcInfoBuilder_fillGcAttributeInfo@28
_Java_sun_management_GcInfoBuilder_getLastGcInfo0@32
_Java_sun_management_GcInfoBuilder_getNumGcExtAttributes@12
_Java_sun_management_HotSpotDiagnostic_dumpHeap@16
_Java_sun_management_HotspotThread_getInternalThreadCount@8
_Java_sun_management_HotspotThread_getInternalThreadTimes0@16
_Java_sun_management_MemoryImpl_getMemoryManagers0@8
_Java_sun_management_MemoryImpl_getMemoryPools0@8
_Java_sun_management_MemoryImpl_getMemoryUsage0@12
_Java_sun_management_MemoryImpl_setVerboseGC@12
_Java_sun_management_MemoryManagerImpl_getMemoryPools0@8
_Java_sun_management_MemoryPoolImpl_getCollectionUsage0@8
_Java_sun_management_MemoryPoolImpl_getMemoryManagers0@8
_Java_sun_management_MemoryPoolImpl_getPeakUsage0@8
_Java_sun_management_MemoryPoolImpl_getUsage0@8
_Java_sun_management_MemoryPoolImpl_resetPeakUsage0@8
_Java_sun_management_MemoryPoolImpl_setCollectionThreshold0@24
_Java_sun_management_MemoryPoolImpl_setPoolCollectionSensor@12
_Java_sun_management_MemoryPoolImpl_setPoolUsageSensor@12
_Java_sun_management_MemoryPoolImpl_setUsageThreshold0@24
_Java_sun_management_ThreadImpl_dumpThreads0@20
_Java_sun_management_ThreadImpl_findDeadlockedThreads0@8
_Java_sun_management_ThreadImpl_findMonitorDeadlockedThreads0@8
_Java_sun_management_ThreadImpl_getThreadInfo0@20
_Java_sun_management_ThreadImpl_getThreadTotalCpuTime0@16
_Java_sun_management_ThreadImpl_getThreadUserCpuTime0@16
_Java_sun_management_ThreadImpl_getThreads@8
_Java_sun_management_ThreadImpl_resetContentionTimes0@16
_Java_sun_management_ThreadImpl_resetPeakThreadCount0@8
_Java_sun_management_ThreadImpl_setThreadContentionMonitoringEnabled0@12
_Java_sun_management_ThreadImpl_setThreadCpuTimeEnabled0@12
_Java_sun_management_VMManagementImpl_getAvailableProcessors@8
_Java_sun_management_VMManagementImpl_getClassInitializationTime@8
_Java_sun_management_VMManagementImpl_getClassLoadingTime@8
_Java_sun_management_VMManagementImpl_getClassVerificationTime@8
_Java_sun_management_VMManagementImpl_getDaemonThreadCount@8
_Java_sun_management_VMManagementImpl_getInitializedClassCount@8
_Java_sun_management_VMManagementImpl_getLiveThreadCount@8
_Java_sun_management_VMManagementImpl_getLoadedClassSize@8
_Java_sun_management_VMManagementImpl_getMethodDataSize@8
_Java_sun_management_VMManagementImpl_getPeakThreadCount@8
_Java_sun_management_VMManagementImpl_getProcessId@8
_Java_sun_management_VMManagementImpl_getSafepointCount@8
_Java_sun_management_VMManagementImpl_getSafepointSyncTime@8
_Java_sun_management_VMManagementImpl_getStartupTime@8
_Java_sun_management_VMManagementImpl_getTotalApplicationNonStoppedTime@8
_Java_sun_management_VMManagementImpl_getTotalClassCount@8
_Java_sun_management_VMManagementImpl_getTotalCompileTime@8
_Java_sun_management_VMManagementImpl_getTotalSafepointTime@8
_Java_sun_management_VMManagementImpl_getTotalThreadCount@8
_Java_sun_management_VMManagementImpl_getUnloadedClassCount@8
_Java_sun_management_VMManagementImpl_getUnloadedClassSize@8
_Java_sun_management_VMManagementImpl_getVerboseClass@8
_Java_sun_management_VMManagementImpl_getVerboseGC@8
_Java_sun_management_VMManagementImpl_getVersion0@8
_Java_sun_management_VMManagementImpl_getVmArguments0@8
_Java_sun_management_VMManagementImpl_initOptionalSupportFields@8
_Java_sun_management_VMManagementImpl_isThreadContentionMonitoringEnabled@8
_Java_sun_management_VMManagementImpl_isThreadCpuTimeEnabled@8

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 778B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1804ca53d54dec1029000e268593bc21

Headers

File Characteristics

PDB Paths

Imports

java

jvm

advapi32

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 168KB - Virtual size: 168KB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 1024B - Virtual size: 778B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 168KB - Virtual size: 168KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 1024B - Virtual size: 778B