4b7eb65a2f5ea2936783d6fc8c4410be_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b7eb65a2f5ea2936783d6fc8c4410be_JaffaCakes118
Size

111KB
MD5

4b7eb65a2f5ea2936783d6fc8c4410be
SHA1

4ec47993bc7c7c94489235ce9af52894edbd301c
SHA256

52d3a0070195660c056b8be2d8c87a5631a7050a34fa5818f2faae0e2885f345
SHA512

9840d92325c686ddba0507b383794a6ec9d0debc734e7f86ecc43452ac3283e125bd9eac61a8091ff2628ca7223d77df9e8933a9bea1d887e07535b5aeb7d454
SSDEEP

3072:Slo3Tz8XK0kC+8RWiKriGmuwWigx+LJ79rOg:pj4X0+RWihBWigs1kg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b7eb65a2f5ea2936783d6fc8c4410be_JaffaCakes118

Files

4b7eb65a2f5ea2936783d6fc8c4410be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ddc370ecd1ce165254a249215368d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrSimpleTypeUnmarshall
IUnknown_AddRef_Proxy
NdrProxyGetBuffer
NdrUserMarshalBufferSize
NdrUserMarshalFree
IUnknown_Release_Proxy
NdrStubInitialize
CStdStubBuffer_Connect
CStdStubBuffer_DebugServerQueryInterface
NdrConformantStringUnmarshall
CStdStubBuffer_AddRef
CStdStubBuffer_DebugServerRelease
NdrInterfacePointerMarshall
NdrOleFree
NdrStubCall2
NdrPointerUnmarshall
NdrPointerFree
NdrConformantArrayBufferSize
NdrSimpleTypeMarshall
NdrProxySendReceive
NdrSimpleStructBufferSize
NdrInterfacePointerUnmarshall
NdrInterfacePointerFree
NdrAllocate
NdrConformantStringBufferSize
NdrUserMarshalMarshall
NdrPointerMarshall
NdrConformantArrayUnmarshall
NdrInterfacePointerBufferSize
NdrCStdStubBuffer_Release
NdrConformantStringMarshall
NdrSimpleStructMarshall
CStdStubBuffer_Invoke
NdrConvert
NdrDllGetClassObject
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
NdrDllRegisterProxy
NdrStubGetBuffer
NdrOleAllocate
RpcRaiseException
CStdStubBuffer_Disconnect
NdrPointerBufferSize
NdrSimpleStructUnmarshall
NdrConformantArrayMarshall
IUnknown_QueryInterface_Proxy
NdrProxyFreeBuffer
CStdStubBuffer_CountRefs
NdrUserMarshalUnmarshall
NdrDllCanUnloadNow
NdrStubForwardingFunction
NdrProxyErrorHandler
NdrProxyInitialize
CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer2_Release
NdrClearOutParameters

kernel32

UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
GetTickCount
TerminateProcess
GetCurrentThreadId
DisableThreadLibraryCalls
SetUnhandledExceptionFilter

msvcrt

free
_initterm
_adjust_fdiv
_except_handler3
malloc

ntdll

RtlLargeIntegerShiftLeft
NtAllocateVirtualMemory
LdrGetDllHandle

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 372KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98ddc370ecd1ce165254a249215368d9

Headers

File Characteristics

Imports

rpcrt4

kernel32

msvcrt

ntdll

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 372KB - Virtual size: 984KB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 78KB - Virtual size: 77KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 372KB - Virtual size: 984KB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 78KB - Virtual size: 77KB

.reloc
Size: 512B - Virtual size: 20B