a153e6015adf97a0eca55eeb5dc46994_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a153e6015adf97a0eca55eeb5dc46994_JaffaCakes118
Size

8KB
MD5

a153e6015adf97a0eca55eeb5dc46994
SHA1

e1e28871761c0504a9124c809835c89255eb1259
SHA256

15f37ba706e9ddd29a0396c5ed4969f9134fec7f7bac09265a5d0bc8fb7f4f27
SHA512

53078dafd90342e2a670992643c78819ccd897b4a2afa7d6408e8f1c4b11ba66343cfb5d151c52b6143173852f48e3901409d985b6496eaa59220109d4428c3a
SSDEEP

96:S2VvOmb+/p8Ramt1ebq7Yv8thVNwRjFuB3XAF9VAm6vxbt3JeC7tCr:NVvOmK/p8R5cX8tT+uB3XQ9VR6p5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a153e6015adf97a0eca55eeb5dc46994_JaffaCakes118

Files

a153e6015adf97a0eca55eeb5dc46994_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d32e5b3eeefae6a25e010ff8cbc435e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\master\clone\ure\jurt\wntmsci12.pro\bin\jpipe.pdb

Imports

msvcr90

_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
GetSystemTimeAsFileTime

Exports

Exports

GetVersionInfo
_Java_com_sun_star_lib_connections_pipe_PipeConnection_closeJNI@8
_Java_com_sun_star_lib_connections_pipe_PipeConnection_createJNI@12
_Java_com_sun_star_lib_connections_pipe_PipeConnection_flushJNI@8
_Java_com_sun_star_lib_connections_pipe_PipeConnection_readJNI@16
_Java_com_sun_star_lib_connections_pipe_PipeConnection_writeJNI@12

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 390B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d32e5b3eeefae6a25e010ff8cbc435e5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 390B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 390B