a1488281edac49a443c9ad12edde783d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1488281edac49a443c9ad12edde783d_JaffaCakes118
Size

142KB
MD5

a1488281edac49a443c9ad12edde783d
SHA1

202b580a7f1f46c9654ab6e5a69a4f3720779489
SHA256

7872761412124ec1aac3c2088990761e8c2df4907a99a4ba9d8c6bddf68837de
SHA512

e98843cdb46afdf17e4c3a19f8a042746f54f963e3b07dc5cf07dc8b422b3be0eb52274ba6c867fba25b1bb1d9fb52c9dcfaced77d6be0b7cb53ad396a71816c
SSDEEP

3072:YlzlH9A93SVFzTYNFiEez/a69bnOaClaWFhoWzmdr0POxjvjnMO0:6RH9cSgNw7bnOaIaWjoWzYAOxjp0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1488281edac49a443c9ad12edde783d_JaffaCakes118

Files

a1488281edac49a443c9ad12edde783d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dc1119f72cec818fa3fec14dbb38369f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\thailand\890a\cprd32\AOL\misc\coreclient\vCard\vCard.pdb

Imports

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

__CxxFrameHandler
strcmp
isdigit
_callnewh
_initterm
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
memcpy
strlen
??3@YAXPAX@Z
atoi
??_V@YAXPAX@Z
_except_handler3
memset
_snprintf
ftell
fseek
_iob
isalpha
strchr
fgetc
fopen
free
_stricmp
wcslen
_CxxThrowException
__security_error_handler
??1type_info@@UAE@XZ
?terminate@@YAXXZ
fclose
fprintf
strrchr
strcpy
sprintf
realloc
malloc

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LocalFree
WideCharToMultiByte
MultiByteToWideChar
GetLastError
lstrcpyA
DisableThreadLibraryCalls
InterlockedDecrement
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA

oleaut32

SysAllocString
SysFreeString
VariantClear

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc1119f72cec818fa3fec14dbb38369f

Headers

File Characteristics

PDB Paths

Imports

msvcp71

msvcr71

kernel32

oleaut32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 2KB - Virtual size: 2KB

.text Size: 113KB - Virtual size: 116KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 113KB - Virtual size: 116KB