615e62699a7ecc99e259011e49fdc92d_JaffaCakes118

General

Target

615e62699a7ecc99e259011e49fdc92d_JaffaCakes118
Size

108KB
MD5

615e62699a7ecc99e259011e49fdc92d
SHA1

e7633e74faec600f231afb25ab8c45cdc41d7924
SHA256

cd71bb23663b3ad6e1ad8427fce6a4d895c03a9dd2fb90c3f7552a6ff7b79992
SHA512

07f6b91978e81f01620af354955394c3efa5cd330581d7b3b2bf0b2caf8e12bd1ade22afd84c7a83eb3c4e4f6acf6629ca59a7456f002b7f1b50b00dfe987fd9
SSDEEP

1536:rDtIZDsxDwcn0WYlGTRM+GVEcrBZfx6KXFq1vkqZb:rD2OhwcnfGVE0BZx6KE1vkqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
615e62699a7ecc99e259011e49fdc92d_JaffaCakes118

Files

615e62699a7ecc99e259011e49fdc92d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8e44c6eb0ec98b14957c9eb5360bb758

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
strchr
calloc
_beginthreadex
atol
realloc
strncat
_errno
strncpy
strncmp
atoi
strrchr
_except_handler3
malloc
free
strcat
strcpy
strcmp
_CxxThrowException
memcmp
memmove
strstr
strlen
_ftol
ceil
__CxxFrameHandler
_strrev
_strnicmp
_strupr
_strcmpi
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

kernel32

InterlockedExchange
RaiseException
LocalAlloc
FreeLibrary
LoadLibraryA
GetProcAddress
GetLastError

Exports

Exports

Rukou

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e44c6eb0ec98b14957c9eb5360bb758

Headers

File Characteristics

Imports

msvcrt

msvcp60

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 5KB