a58c535c9db5d524424380046e3c0a91_JaffaCakes118

General

Target

a58c535c9db5d524424380046e3c0a91_JaffaCakes118
Size

220KB
MD5

a58c535c9db5d524424380046e3c0a91
SHA1

887f7db1273bf8d653daf8d8403366c068dc0bcf
SHA256

8c404bd5b523995c0d511a501d52b6ee59fcf2824069d7cac0c6446aeb2ed4e1
SHA512

16851ee178dce0714a54e794ee5855dbcda46c341a3f8360bf1b8ce5ec02cd062be7c2aae27ee3cf0a06b943d940b186fa8a3b77bfa1e180f92de5fc74ba2314
SSDEEP

3072:Cbm3cMg8qYyLe5EaQ4GGv2WBpGzaPm3S+3lPpj7OcPnUlu5BAnViPUXAXmotd+D:73cqqUduZzaPm333nOcPnUl8B0VP7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a58c535c9db5d524424380046e3c0a91_JaffaCakes118

Files

a58c535c9db5d524424380046e3c0a91_JaffaCakes118
.dll windows:4 windows x86 arch:x86

977f0e360d93160a53a6a92ed5c2ac82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\src\datatype_rn\mp4\filewriter\mp4wrtr.pdb

Imports

ole32

CoCreateGuid

kernel32

GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
ExitProcess
GetCurrentThreadId
DisableThreadLibraryCalls
GetSystemTimeAsFileTime

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr71

vsprintf
??3@YAXPAX@Z
??_V@YAXPAX@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_purecall
??0exception@@QAE@ABV0@@Z
_CxxThrowException
strncmp
strncpy
_stricmp
strrchr
sprintf
atoi
_strdup
strchr
_ftime
strtol
__CxxFrameHandler
strncat
wcslen
_vsnprintf
malloc
_callnewh
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
free
_initterm
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
?terminate@@YAXXZ
_strcmpi
atof

Exports

Exports

RMACreateInstance

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

977f0e360d93160a53a6a92ed5c2ac82

Headers

File Characteristics

PDB Paths

Imports

ole32

kernel32

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 412B

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 412B

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 100KB - Virtual size: 100KB