71d6297131f43c5cbd65c66fc79970db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71d6297131f43c5cbd65c66fc79970db_JaffaCakes118
Size

198KB
MD5

71d6297131f43c5cbd65c66fc79970db
SHA1

dd4f1378e3cf674d559772374cf448c1f73dafd1
SHA256

9a99f09f9c9386977b62ce2e236191fb6a669f7be7462f48850bed1052346bff
SHA512

d71e147fb85a24f30427956a36a5009394d5c3222c02b6be1e2548785ff8448ca9e1fb29a63fd419037bd807494961321cb9027e1c7437af1550e84e71e63012
SSDEEP

6144:LRwk3aO8SVOXPOq6LS4v8FU1Ys1I+SwKMIrCM77:9wiaO8e8dh40iYa5Sw+OM7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d6297131f43c5cbd65c66fc79970db_JaffaCakes118

Files

71d6297131f43c5cbd65c66fc79970db_JaffaCakes118
.dll windows:1 windows x86 arch:x86

8f6f189b3ac5278b25b858d0edbb7a24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kpfp32

ord123
ord121
ord125
ord115
ord118
ord124
ord102
ord103
ord110
ord112
ord120
ord109
ord101
ord117
ord126
ord122
ord108
ord119

kpsys32

ord292
ord293
ord111
ord114
ord110
ord290
ord291
ord322
ord157
ord163
ord152
ord313
ord159
ord161
ord118
ord222
ord119
ord113
ord321
ord150

msvcrt20

atol
malloc
sin
strtod
_initterm
strlen
strcat
strcmp
strcpy
_ftol
_ltoa

kernel32

GetSystemDirectoryA
GlobalFree
GlobalAlloc
GetVersion

Exports

Exports

KpFiltClose
KpFiltGetInfoPriv
KpFiltProcess
KpFiltRectangles
KpFiltSetup
KpFiltStripBegin
KpFiltStripEnd
KpFiltUnloadPlugin

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f6f189b3ac5278b25b858d0edbb7a24

Headers

File Characteristics

Imports

kpfp32

kpsys32

msvcrt20

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.bss Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 228B

.data Size: 512B - Virtual size: 164B

.idata Size: 1024B - Virtual size: 774B

.edata Size: 168KB - Virtual size: 168KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 708B

.text
Size: 24KB - Virtual size: 24KB

.bss
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 228B

.data
Size: 512B - Virtual size: 164B

.idata
Size: 1024B - Virtual size: 774B

.edata
Size: 168KB - Virtual size: 168KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 708B