d28970b84db60da7c31213cfa514579c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d28970b84db60da7c31213cfa514579c_JaffaCakes118
Size

648KB
MD5

d28970b84db60da7c31213cfa514579c
SHA1

cec3e131d9b9cc23c27e09d3ca95db16ca5ceba6
SHA256

a08962ecab218edf0521fc65dd60f2b698d8528dcadf68fd0ee597326e8ca221
SHA512

249c79f278578c6b118559ed6cbf7a0754b7d81f45701fc0c4a92cf715b94df5b798e52db5511d66f0647276c061e7cfe0eeec0e71d2284a3715f2988ccd81d1
SSDEEP

12288:eZL7A5l0711g8onrOcWAqVvUb3rATQthZ362F7:eZL7AfYhonS80TQthtvF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d28970b84db60da7c31213cfa514579c_JaffaCakes118

Files

d28970b84db60da7c31213cfa514579c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d225cf81532c0ff60f4ae25fdb8f6925

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

DeleteDC
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA

msvcr80

fopen
getenv
_time64
fread
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
fclose
_stat64i32
strstr
memmove
memcpy
realloc
malloc
free
sprintf
memset
_encode_pointer

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetVersionExA
GetModuleFileNameA

Exports

Exports

R_FIPS140_MODULE_get_supported_interfaces
R_FIPS140_MODULE_set_failure_reason_cb
R_FIPS140_MODULE_set_test_details_cb

Sections

.text
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d225cf81532c0ff60f4ae25fdb8f6925

Headers

File Characteristics

Imports

gdi32

msvcr80

kernel32

Exports

Exports

Sections

.text Size: 324KB - Virtual size: 320KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 56KB - Virtual size: 58KB

.data1 Size: 4KB - Virtual size: 112B

.rsrc Size: 4KB - Virtual size: 428B

.reloc Size: 20KB - Virtual size: 19KB

.text Size: 180KB - Virtual size: 180KB

.text
Size: 324KB - Virtual size: 320KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 56KB - Virtual size: 58KB

.data1
Size: 4KB - Virtual size: 112B

.rsrc
Size: 4KB - Virtual size: 428B

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 180KB - Virtual size: 180KB