5b5f963ee048c1fe717207acb4007b71_JaffaCakes118

General

Target

5b5f963ee048c1fe717207acb4007b71_JaffaCakes118
Size

91KB
MD5

5b5f963ee048c1fe717207acb4007b71
SHA1

9508eaac5dfe526b7435bb88c8ec7e52ba73b42a
SHA256

24afc7ba07a1bb3b9498ca23ab234a18851d64742e6222cf6a7f891c31c6293a
SHA512

4ea342c21affbd40672e4c57b3259907da06d87d6544594c3274dc202fa48b267349cac067c461706916e222243beb1df824168f30a7e5f058baa07581487b23
SSDEEP

1536:mt5IVOiW6QpxupgV6BqXVl+iW8fQ2He4E1QJzih6cJjZ1NLtK8tJAbEpk6v:mtmOiPQHuplqXVlnVZe+BSxJVHvtJAer

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b5f963ee048c1fe717207acb4007b71_JaffaCakes118

Files

5b5f963ee048c1fe717207acb4007b71_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a3df749041512d3ae35398eda5efb2e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

x:\kripter-append\Release\Stub.pdb

Imports

msvcr90

__dllonexit
_lock
_onexit
_unlock
_except_handler4_common
_invoke_watson
_controlfp_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
exit
??3@YAXPAX@Z
_decode_pointer
malloc
memset
_CxxThrowException
__CxxFrameHandler3

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
CloseHandle
GetModuleFileNameA
LoadLibraryA
VirtualAlloc
GetProcAddress
ReadFile
Sleep
FreeLibrary
SetFilePointer
GetFileSize
CreateFileA
GetSystemTimeAsFileTime

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3df749041512d3ae35398eda5efb2e8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr90

kernel32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB