8444a4dfd26881a528587c49c0eff43a_JaffaCakes118

General

Target

8444a4dfd26881a528587c49c0eff43a_JaffaCakes118
Size

8KB
MD5

8444a4dfd26881a528587c49c0eff43a
SHA1

b88b152070866d6f0ac9773088c03a6fbdf57341
SHA256

2819fa09d02112d0258c8b35a3b7283af4b294793c9b3443b988795a4be16d5c
SHA512

f1d120251b968839d46742e6936d16d2abf5c7c660f6d474624a1b741af74b85bb5be8008a00443d4379e00f9cd80b88a4d3afc361ed1efbac37bb83be10a448
SSDEEP

192:/zVDE3q4m2wErAyvAOj2jBK3Xk6AkpbDzWf:/RUqlkkyBR06Lq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8444a4dfd26881a528587c49c0eff43a_JaffaCakes118

Files

8444a4dfd26881a528587c49c0eff43a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e91df787c889bede0ea682fadac0d9fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\testss\plugin\dllseven.pdb

Imports

kernel32

Sleep
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
free
_encoded_null
_malloc_crt
_encode_pointer
_beginthread
_endthread
_decode_pointer
_adjust_fdiv
_amsg_exit
_initterm_e
_except_handler4_common
_initterm
__CppXcptFilter
__CxxFrameHandler3
memset

Exports

Exports

pla

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e91df787c889bede0ea682fadac0d9fa

Headers

File Characteristics

PDB Paths

Imports

kernel32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 868B

.rsrc Size: 512B - Virtual size: 428B

.reloc Size: 512B - Virtual size: 450B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 868B

.rsrc
Size: 512B - Virtual size: 428B

.reloc
Size: 512B - Virtual size: 450B