7286c85cbbd5e25e3607352613fb4049_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7286c85cbbd5e25e3607352613fb4049_JaffaCakes118
Size

199KB
MD5

7286c85cbbd5e25e3607352613fb4049
SHA1

ddd5b7e1e3b359ef6ce3a16b7f40d8b7682f806c
SHA256

c22065befeaa5f4f342c4b2f6717a7f4b5f640181564d2e7152cf30b2a745d76
SHA512

c3534b96b5912fee5213bdab4f0417e40a67db64e1ad59141c2062f194851682a7f745ab26a939d2e1dbdb7fda6f3e21ab60df9f36e3b9e5528e0db5a888d1f2
SSDEEP

3072:ccfEGT4VbSVyfG10de5txcEAKqhdWsHZdtFby1Y1QpdDLaiYj6VoYF1QYmCM0OjU:cRGobSnQc6Ks1ZfQjui421QYmmOjoC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7286c85cbbd5e25e3607352613fb4049_JaffaCakes118

Files

7286c85cbbd5e25e3607352613fb4049_JaffaCakes118
.dll windows:4 windows x86 arch:x86

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

_GetIDT_If32@8
_GetRMInts_If32@8
_GetV86Vector_If32@12
_GetVectors_If32@8
_InitIV_32@12
_InitVectors_32@8
_IsLoadComplete_32@4
_SetIDT_If32@8
_SetV86Vector_If32@12
_SetVectors_If32@16
thk_ThunkData32

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 15KB

.idata Size: 173KB - Virtual size: 173KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 15KB

.idata
Size: 173KB - Virtual size: 173KB

.reloc
Size: 1KB - Virtual size: 1KB