ce91d5e8af6cbab608ee00391bd52c66_JaffaCakes118

General

Target

ce91d5e8af6cbab608ee00391bd52c66_JaffaCakes118
Size

12KB
MD5

ce91d5e8af6cbab608ee00391bd52c66
SHA1

51415d6a973bf8d12daac25928a7b2291e9f48c8
SHA256

83779f79b15c181d682fef2e7135869cb62602baf0316974947c736734d6614d
SHA512

5c244a68ff6a24da1415502012cec241c9a4f95b3e8132268961a2359e8ef0b3ca4aeee92c790245021566ab756911b51a55be8217e26a0e5ed5853ff35dbf5b
SSDEEP

192:bjfht4FLGFtImCLZWbOT+xKyT3cvFMVTq1kjJyOx1BGuf5iVxHd:3fhteaFOT1LT0BQySkjJJz0i52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce91d5e8af6cbab608ee00391bd52c66_JaffaCakes118

Files

ce91d5e8af6cbab608ee00391bd52c66_JaffaCakes118
.dll windows:6 windows x86 arch:x86

df76a9e69dd9166318592b6e1e9431d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python27

PyErr_Occurred
_Py_NoneStruct
PyType_Type
PyEval_RestoreThread
PyEval_SaveThread
Py_InitModule4
PyModule_AddIntConstant
PyArg_ParseTuple
PyObject_Free
Py_FindMethod
PyString_AsString
PyString_Size
PyString_FromStringAndSize
PyInt_FromLong
Py_FatalError
_PyObject_New

kernel32

UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
memset

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initterm_e
_initterm
_execute_onexit_table
_cexit
_initialize_onexit_table

Exports

Exports

init_SHA384

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df76a9e69dd9166318592b6e1e9431d6

Headers

DLL Characteristics

File Characteristics

Imports

python27

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 448B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 448B