c1777491ce82f7484b292b586892f803_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1777491ce82f7484b292b586892f803_JaffaCakes118
Size

184KB
MD5

c1777491ce82f7484b292b586892f803
SHA1

07903e5ca7c3075d4ec6dbf4e8c57ef8877c1c3f
SHA256

4069d1da5f18110d6fdce0b69197996f417eccd1c566a60dedd43791074937c5
SHA512

d42929d1bcd1ba09feed3569f4cce9d5b4a5bf2b89f2daf7ae349335a62424e7bdb6c0a730c45e2d59929220e8649c04b70d1ed3dbadda04091f24ff2d5b5092
SSDEEP

3072:XQ4lkcD9go8GVYrS2Copy7RuWqPRSzEXJQ3NZXkeNWy7cSXJ7SuaDj5JSgokFASq:XQgkcD9g3GG1CtR9qJSzEZQ9x5nMj5oF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1777491ce82f7484b292b586892f803_JaffaCakes118

Files

c1777491ce82f7484b292b586892f803_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6c064363afc134f7e925026a8b2e9089

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\partage\MMITest\trunk\mmitest\Import\ImageMagick\VisualMagick\bin\CORE_RL_jp2_.pdb

Imports

msvcr70

isdigit
isalpha
qsort
strrchr
malloc
free
realloc
fputs
sprintf
fscanf
isprint
fputc
fread
fwrite
fseek
fprintf
tmpnam
vsprintf
isspace
atoi
atof
strchr
strtok
strncpy
__security_error_handler
_initterm
_adjust_fdiv
_except_handler3
__dllonexit
_onexit
_iob
vfprintf
memmove
floor
ceil
_CIpow
fclose
abort
_read
_write
_lseek
_unlink
_close
_open
_setmode

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls

Exports

Exports

jas_calloc
jas_cleanup
jas_clrspc_numchans
jas_cmprof_copy
jas_cmprof_createfromclrspc
jas_cmprof_createfromiccprof
jas_cmprof_destroy
jas_cmxform_apply
jas_cmxform_create
jas_cmxform_destroy
jas_eprintf
jas_free
jas_getdbglevel
jas_getopt
jas_getversion
jas_iccattrtab_dump
jas_iccattrval_allowmodify
jas_iccattrval_clone
jas_iccattrval_create
jas_iccattrval_destroy
jas_iccattrval_dump
jas_iccattrvalinfos
jas_iccprof_copy
jas_iccprof_createfrombuf
jas_iccprof_createfromclrspc
jas_iccprof_createfromcmprof
jas_iccprof_destroy
jas_iccprof_dump
jas_iccprof_getattr
jas_iccprof_gethdr
jas_iccprof_load
jas_iccprof_save
jas_iccprof_setattr
jas_iccprof_sethdr
jas_iccprofdata_sgray
jas_iccprofdata_sgraylen
jas_iccprofdata_srgb
jas_iccprofdata_srgblen
jas_image_addcmpt
jas_image_addfmt
jas_image_chclrspc
jas_image_clearfmts
jas_image_copy
jas_image_copycmpt
jas_image_create
jas_image_create0
jas_image_decode
jas_image_delcmpt
jas_image_depalettize
jas_image_destroy
jas_image_dump
jas_image_encode
jas_image_fmtfromname
jas_image_fmttostr
jas_image_getcmptbytype
jas_image_getfmt
jas_image_ishomosamp
jas_image_lookupfmtbyid
jas_image_lookupfmtbyname
jas_image_rawsize
jas_image_readcmpt
jas_image_readcmpt2
jas_image_readcmptsample
jas_image_sampcmpt
jas_image_strtofmt
jas_image_writecmpt
jas_image_writecmpt2
jas_image_writecmptsample
jas_init
jas_malloc
jas_matrix_asl
jas_matrix_asr
jas_matrix_bindsub
jas_matrix_clip
jas_matrix_cmp
jas_matrix_copy
jas_matrix_create
jas_matrix_destroy
jas_matrix_divpow2
jas_matrix_resize
jas_matrix_setall
jas_memdump
jas_optarg
jas_opterr
jas_optind
jas_realloc
jas_seq2d_bindsub
jas_seq2d_copy
jas_seq2d_create
jas_seq2d_input
jas_seq2d_output
jas_setdbglevel
jas_strdup
jas_stream_close
jas_stream_copy
jas_stream_display
jas_stream_fdopen
jas_stream_fillbuf
jas_stream_flush
jas_stream_flushbuf
jas_stream_fopen
jas_stream_freopen
jas_stream_getc_func
jas_stream_gets
jas_stream_gobble
jas_stream_isseekable
jas_stream_length
jas_stream_memopen
jas_stream_pad
jas_stream_printf
jas_stream_putc_func
jas_stream_puts
jas_stream_read
jas_stream_rewind
jas_stream_seek
jas_stream_setrwcount
jas_stream_tell
jas_stream_tmpfile
jas_stream_ungetc
jas_stream_write
jas_taginfo_nonull
jas_taginfos_lookup
jas_tmr_get
jas_tmr_start
jas_tmr_stop
jas_tvparser_create
jas_tvparser_destroy
jas_tvparser_gettag
jas_tvparser_getval
jas_tvparser_next

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c064363afc134f7e925026a8b2e9089

Headers

File Characteristics

PDB Paths

Imports

msvcr70

kernel32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 33KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 33KB

.reloc
Size: 4KB - Virtual size: 3KB