adf9db2899c8a4c04d3aeed59f29725b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

adf9db2899c8a4c04d3aeed59f29725b_JaffaCakes118
Size

70KB
MD5

adf9db2899c8a4c04d3aeed59f29725b
SHA1

82a263b10852717164cd401e3f5252df9159d77b
SHA256

677ef6a18a5ecb2f37193d4439fd7ac15af4c1c7aad94a14a2ee3e13d23f9800
SHA512

171216c12fa23f49c82611f64af7d55750a3d8aba9c0fdbbb5d31459bf39f145c1085b141f5c3fa02db84c1a63de46b425fc2ba8500bd61ed4ec4951a067d3ca
SSDEEP

768:FG0dwB9FRAjFdkW5EZRDU+Ma7COa7BQOH:haR2fkWOZRDU+MjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adf9db2899c8a4c04d3aeed59f29725b_JaffaCakes118

Files

adf9db2899c8a4c04d3aeed59f29725b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

90193757a5e8a3b9ce94571e6fcbe994

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\jld\documents\visual studio 2010\Projects\Hello World\Debug\Hello World.pdb

Imports

msvcp100d

?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?width@ios_base@std@@QAE_J_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0_Container_base12@std@@QAE@XZ
?_Getpfirst@_Container_base12@std@@QBEPAPAU_Iterator_base12@2@XZ
??1_Container_base12@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Orphan_all@_Container_base12@std@@QAEXXZ
?_Debug_message@std@@YAXPB_W0I@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

msvcr100d

?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_initterm_e
_initterm
_CrtSetCheckCount
__initenv
exit
_XcptFilter
_exit
__getmainargs
_amsg_exit
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_CRT_RTC_INITW
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
strlen
??3@YAXPAX@Z
_CrtDbgReportW
_invalid_parameter
__CxxFrameHandler3
_cexit
memset
memcpy
memmove

kernel32

InterlockedExchange
Sleep
InterlockedCompareExchange
HeapSetInformation
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar
RaiseException
lstrlenA
GetProcAddress
LoadLibraryW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DecodePointer
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetProcessHeap
FreeLibrary
VirtualQuery
GetModuleFileNameW
EncodePointer

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90193757a5e8a3b9ce94571e6fcbe994

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp100d

msvcr100d

kernel32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB