43fa44a9460120279a77ea71039f84bb_JaffaCakes118

General

Target

43fa44a9460120279a77ea71039f84bb_JaffaCakes118
Size

139KB
MD5

43fa44a9460120279a77ea71039f84bb
SHA1

e776749d4d576aca8bde294b09e60239b0cd736b
SHA256

24abb43d028711fda01bc59c13fd0b4c6c65ad04e2541dfed0de2198f21d9c06
SHA512

a82534f2eb104f49807f2ff71f655ff0c4cb8734847d322031e2caa30e2ad52cbbea80d876ed97ee4c02203bd066e19b9c8d949cdac400ebb807caae8211b627
SSDEEP

3072:+VO5iWRvZmxA2+dHHcxG1vsBXVPPwe6T/nx1MP:+0FZ+dG1ULwe6Tf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43fa44a9460120279a77ea71039f84bb_JaffaCakes118

Files

43fa44a9460120279a77ea71039f84bb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

43a64d2c378c236ebd33ef50704c8204

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\waldo\v1200\engines\crlppd\objprodX\CrlPPD.pdb

Imports

mfc71u

ord5398
ord283
ord280
ord774
ord776
ord870
ord1472
ord3927
ord577
ord2460
ord764
ord2121
ord777
ord762

msvcr71

__CppXcptFilter
__security_error_handler
?terminate@@YAXXZ
__dllonexit
_onexit
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_except_handler3
__CxxFrameHandler
fputs
fwrite
sprintf
atof
strtok
fseek
ftell
fread
free
realloc
strncpy
fopen
fgets
strncmp
fclose
malloc
memset

kernel32

LoadLibraryA
GetACP
GetProcAddress
GetThreadLocale
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
DisableThreadLibraryCalls
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedExchange

Exports

Exports

?CreatePPDManagerInstance@@YGHPAPAVIPPDManager@@@Z

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43a64d2c378c236ebd33ef50704c8204

Headers

File Characteristics

PDB Paths

Imports

mfc71u

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 224B

.rsrc Size: 100KB - Virtual size: 100KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 224B

.rsrc
Size: 100KB - Virtual size: 100KB

.reloc
Size: 2KB - Virtual size: 1KB