7524b10076e9e70a78239cd8a0d384a4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7524b10076e9e70a78239cd8a0d384a4_JaffaCakes118
Size

15.5MB
MD5

7524b10076e9e70a78239cd8a0d384a4
SHA1

49cdbc83678149456c9a5c161de31cadd07ef60f
SHA256

16a1d22075f171ebb2d879aabd242a02a18f2aab5bc64e8d7838c188b2c70978
SHA512

db7b3ceec9c8d141615db724590b2bfdec924cb8c389e511a54c5c71928b3e4bb382419b36c240dd86b74000ad3e5add832503bec6b86afa96f83fa233b91ae8
SSDEEP

98304:mBAUZLvJwjnI7A57bnGnI7A57hWx2NA3CBAUZLvJwjnI7A57qhmDmuPZAWAxH3kk:mVLG5E5lk2VLG5MmD5RVAxH3kn5QykN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7524b10076e9e70a78239cd8a0d384a4_JaffaCakes118

Files

7524b10076e9e70a78239cd8a0d384a4_JaffaCakes118
.dll windows:4 windows x64 arch:x64

b6985b0ad9e63ee16006ec85f70d5b20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__iob_func
_amsg_exit
_errno
_initterm
_lock
_onexit
_unlock
abort
calloc
free
fwrite
malloc
memcmp
memcpy
qsort
signal
sprintf
strchr
strcmp
strcpy
strlen
strncmp
vfprintf
_strdup

Exports

Exports

_imp___libiconv_version
_libiconv_version
aliases2_lookup
aliases_lookup
iconv_canonicalize
libiconv
libiconv_close
libiconv_open
libiconv_open_into
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 824KB - Virtual size: 823KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6985b0ad9e63ee16006ec85f70d5b20

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 86KB

.data Size: 512B - Virtual size: 112B

.rdata Size: 824KB - Virtual size: 823KB

.pdata Size: 4KB - Virtual size: 4KB

.xdata Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 433B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 80B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 616B

.text
Size: 86KB - Virtual size: 86KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 824KB - Virtual size: 823KB

.pdata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 433B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 80B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 616B