dae3cccd06b3672ced45a1dd41c02240_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dae3cccd06b3672ced45a1dd41c02240_JaffaCakes118
Size

16KB
MD5

dae3cccd06b3672ced45a1dd41c02240
SHA1

d74077ae201caa85d4f310a323b05eb73bb37d25
SHA256

b0c8a8015e7e7d41641495bad82c3d04f16ce37736b54e8a53436c2d66685821
SHA512

752ef0e3933a3661cca627104835fafa9aa75514e47ef33649a6729e281e44b5b1e52c09df5226f29970ae432d26b2941d1230c6cb7e00faa160d7d53a3c7707
SSDEEP

192:91ceEG5SfDMe2W8SmuC8qQioGtJU7H1bTA7Wo5Y1JgJIimrU8YuuchzkWd56dVJy:9CVMe2vSmuZZio8JIH13A7Wo5jJW8P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dae3cccd06b3672ced45a1dd41c02240_JaffaCakes118

Files

dae3cccd06b3672ced45a1dd41c02240_JaffaCakes118
.exe windows:6 windows x86 arch:x86

027cc06f228b4eda72e5617fa16a1215

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Drew\source\repos\GlowEsp\Release\GlowEsp.pdb

Imports

kernel32

WriteProcessMemory
SetConsoleTitleA
Module32Next
OpenProcess
CreateToolhelp32Snapshot
Sleep
TerminateThread
Process32Next
CloseHandle
CreateThread
ReadProcessMemory
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead

user32

GetAsyncKeyState

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?uncaught_exception@std@@YA_NXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z

vcruntime140

__std_terminate
__std_exception_copy
__std_exception_destroy
_except_handler4_common
memset
__CxxFrameHandler3
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
__p___argv
__p___argc
_cexit
terminate
_set_app_type
_exit
exit
_controlfp_s
_seh_filter_exe
_crt_atexit
_initterm_e
_initterm
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_c_exit
_get_initial_narrow_environment
_initialize_narrow_environment

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
malloc
free

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

027cc06f228b4eda72e5617fa16a1215

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 900B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 900B