PDB path: e:\builds\moz2_slave\win32_build\build\obj-firefox\browser\app\firefox.pdb
Static task
static1
Behavioral task
behavioral1
Sample
c06b4d5e8b73ef4429baf806dbc2cd22_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c06b4d5e8b73ef4429baf806dbc2cd22_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
c06b4d5e8b73ef4429baf806dbc2cd22_JaffaCakes118
-
Size
1.0MB
-
MD5
c06b4d5e8b73ef4429baf806dbc2cd22
-
SHA1
0e0151b330a9927143eb852ce9f9c070dd8d983c
-
SHA256
6cdeb87d7396c94f858953642bc627c75de5c76316eef5ce8bf9b8df7ad72c10
-
SHA512
036283ba1a511d856cc27b15b041dc3cba406bdcf96b0a5901577112600a90205b071ef69fc5d13b777a2771658b74fe9351f710b527522b0e01bb75ba9ce262
-
SSDEEP
12288:pK7rGNrkty0fkhAlmvqRVB7rGNrkty0fkhAlmvpWnBBMoUeF5FKxhG7N7LoG:pKErmyFAeqRErmyFAepcblUG5WhG7NP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
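Checks for a missing Authenticode signature. The file is unsigned, so the Firefox origin suggested by its PDB path and Mozilla imports (xul, xpcom, nspr4) cannot be confirmed from a publisher signature.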
resource c06b4d5e8b73ef4429baf806dbc2cd22_JaffaCakes118
Files
-
c06b4d5e8b73ef4429baf806dbc2cd22_JaffaCakes118.exe windows:4 windows x86 arch:x86
a0a0d6a74cdf6bc32df59b7f8a9e3893
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
xul
XRE_GetFileFromPath
XRE_GetBinaryPath
XRE_main
XRE_FreeAppData
XRE_CreateAppData
xpcom
NS_StringGetData
NS_LogInit
NS_CStringToUTF16
NS_StringContainerFinish
NS_CStringContainerFinish
NS_StringContainerInit
NS_CStringContainerInit2
NS_LogTerm
nspr4
PR_smprintf_free
PR_smprintf
PR_SetEnv
PR_GetEnv
plc4
PL_strcasecmp
kernel32
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
SearchPathW
GetCurrentProcess
VirtualAllocEx
VirtualProtectEx
GetProcAddress
LoadLibraryExA
user32
MessageBoxW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
mozcrt19
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_onexit
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
__set_app_type
_fdopen
fclose
malloc
strcmp
_vsnwprintf
??_U@YAPAXI@Z
wcslen
free
wcsrchr
memcpy
??_V@YAXPAX@Z
vfprintf
_dup
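Sections
Note: .text and .xrdata are both marked executable and writable (IMAGE_SCN_MEM_EXECUTE together with IMAGE_SCN_MEM_WRITE), and .xrdata is a non-default section name flagged as code at 72KB against 5KB in .text. Sections like these are worth examining first during triage.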
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 870KB - Virtual size: 869KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.xrdata Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE