d3db0f5cfd4500d3b8ac8b098aeed4ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3db0f5cfd4500d3b8ac8b098aeed4ec_JaffaCakes118
Size

169KB
MD5

d3db0f5cfd4500d3b8ac8b098aeed4ec
SHA1

e68cf75138e6fd4cb1dc1b5c49903a38f1084d4a
SHA256

ed2133f60ce51e34d8a99077e575cc83fe0c1db69ddaf64e068d7c3a97d285d1
SHA512

2e98bb388f2d77c01c49592b74f0c01feee210e926d2b67aa1055606485ce711cc5af544fda0d7b817bdef346617e60f5f8e909ee9e7406dc2aee7b2d6b7bfdd
SSDEEP

3072:yxoWxWQ/olnZhWrBgjDarRlKCUaZSCMkt3AOedsDCZ/TbW53WxzPky9CcgCJnVOX:y3gXW6jDarrooIlTbemxA/CJnIZZq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3db0f5cfd4500d3b8ac8b098aeed4ec_JaffaCakes118

Files

d3db0f5cfd4500d3b8ac8b098aeed4ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8c0b66366cd315f9ef348704b543b6ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetCommandLineA
GetTickCount
lstrlenA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetEvent
WaitForSingleObject
IsBadWritePtr
DeviceIoControl
GetLastError
MultiByteToWideChar

user32

LoadStringA

ole32

CoTaskMemAlloc
CoTaskMemFree

msvcrt

_initterm
malloc
_adjust_fdiv
free
strncmp
memset
_except_handler3
??3@YAXPAX@Z
__CxxFrameHandler

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c0b66366cd315f9ef348704b543b6ce

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

msvcp60

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 35KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 35KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 4KB