d552745c6474f5c4216e7a76d12ba5d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d552745c6474f5c4216e7a76d12ba5d3_JaffaCakes118
Size

86KB
MD5

d552745c6474f5c4216e7a76d12ba5d3
SHA1

83854b8eb8302b44d8162483286ef4f55b595ef6
SHA256

dd03d0e9f9927f9bfa9a0555b8a5dd7c96ce83633348a50f4ec0aa39d56ff6bd
SHA512

2fb993433ab2a0916d14d889c6e65614c5560ba72921be97a4b50a7da95c5a87a36782aa05265339d983186e9b8043c00d84e083d6990653931cd6a511d04b83
SSDEEP

1536:PTAHYwmuc/6BcPq0u/g9t8dbbOh/5D+TAbeD3zkclJWDzC1:MYwmX/6Byyo9t8db6hp+TAbe3zkWJWDm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d552745c6474f5c4216e7a76d12ba5d3_JaffaCakes118

Files

d552745c6474f5c4216e7a76d12ba5d3_JaffaCakes118
.dll windows:1 windows x86 arch:x86

8f6f189b3ac5278b25b858d0edbb7a24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kpfp32

ord123
ord121
ord125
ord115
ord118
ord124
ord102
ord103
ord110
ord112
ord120
ord109
ord101
ord117
ord126
ord122
ord108
ord119

kpsys32

ord292
ord293
ord111
ord114
ord110
ord290
ord291
ord322
ord157
ord163
ord152
ord313
ord159
ord161
ord118
ord222
ord119
ord113
ord321
ord150

msvcrt20

atol
malloc
sin
strtod
_initterm
strlen
strcat
strcmp
strcpy
_ftol
_ltoa

kernel32

GetSystemDirectoryA
GlobalFree
GlobalAlloc
GetVersion

Exports

Exports

KpFiltClose
KpFiltGetInfoPriv
KpFiltProcess
KpFiltRectangles
KpFiltSetup
KpFiltStripBegin
KpFiltStripEnd
KpFiltUnloadPlugin

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f6f189b3ac5278b25b858d0edbb7a24

Headers

File Characteristics

Imports

kpfp32

kpsys32

msvcrt20

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.bss Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 228B

.data Size: 512B - Virtual size: 164B

.idata Size: 1024B - Virtual size: 774B

.edata Size: 56KB - Virtual size: 56KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 708B

.text
Size: 24KB - Virtual size: 24KB

.bss
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 228B

.data
Size: 512B - Virtual size: 164B

.idata
Size: 1024B - Virtual size: 774B

.edata
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 708B