dfc6f0e36890bab8dee6077b45ae14eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dfc6f0e36890bab8dee6077b45ae14eb_JaffaCakes118
Size

186KB
MD5

dfc6f0e36890bab8dee6077b45ae14eb
SHA1

348a40528c9c2bb70428c2b54327fdb012f53533
SHA256

1e40037d7c171ce0520d280cd1c57571b38a0c7993fc1f2beec071bba47c821e
SHA512

27140fb88e25beb983c29a9268b15683613061bab95690a279c3ecfe2f05424fcc14232c0b1f15489d2cda03c293b365e1c8ba764f3e19ce1e4b6fde32808a28
SSDEEP

3072://kqMzm1OHtCJ25cUi/WzdkfRcuopwPVoGygvu3DdY:R+mUHtQ2mUfzdvbwN/Bvuze

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfc6f0e36890bab8dee6077b45ae14eb_JaffaCakes118

Files

dfc6f0e36890bab8dee6077b45ae14eb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b1cf292c86987f132b90b03604b09985

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_21\control\build\WINDOW~1\tmp\sun\sun.security.smartcardio\j2pcsc\obj\j2pcsc.pdb

Imports

winscard

SCardControl
SCardEndTransaction
SCardBeginTransaction
SCardGetStatusChangeA
SCardDisconnect
SCardStatusA
SCardTransmit
SCardConnectA
SCardListReadersA
SCardEstablishContext

msvcr71

_onexit
__dllonexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
strlen
malloc
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

_JNI_OnLoad@8
_Java_sun_security_smartcardio_PCSC_SCardBeginTransaction@16
_Java_sun_security_smartcardio_PCSC_SCardConnect@28
_Java_sun_security_smartcardio_PCSC_SCardControl@24
_Java_sun_security_smartcardio_PCSC_SCardDisconnect@20
_Java_sun_security_smartcardio_PCSC_SCardEndTransaction@20
_Java_sun_security_smartcardio_PCSC_SCardEstablishContext@12
_Java_sun_security_smartcardio_PCSC_SCardGetStatusChange@32
_Java_sun_security_smartcardio_PCSC_SCardListReaders@16
_Java_sun_security_smartcardio_PCSC_SCardStatus@20
_Java_sun_security_smartcardio_PCSC_SCardTransmit@32

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 178KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1cf292c86987f132b90b03604b09985

Headers

File Characteristics

PDB Paths

Imports

winscard

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 40B

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 512B - Virtual size: 186B

.text Size: 178KB - Virtual size: 180KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 40B

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 512B - Virtual size: 186B

.text
Size: 178KB - Virtual size: 180KB