eb2504332ac62e980d058a0192b15b6e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eb2504332ac62e980d058a0192b15b6e_JaffaCakes118
Size

77KB
MD5

eb2504332ac62e980d058a0192b15b6e
SHA1

d8a2ea00a3db3b1f56770bc4c14fa9a45c922c26
SHA256

462af12aca679d31f108f98f1099c14a5a0d57082ea41dc989fe9ccfab38ce51
SHA512

b4c0532ee01eae67cd1ff4ef7e98c506f109c6be1737d2fbe8d14f8589e2be5293d2ce545e99d69d924c7d02a176a8dac7e0fbfba7d9a1c248e6321f74675ab4
SSDEEP

1536:n5Dh0Xd4w7Erqrm2jWM+hSqyI1kq6oz8/Mg2NCmkfN/:n5Dh0XdAB2jWhh/n1oo2bF/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb2504332ac62e980d058a0192b15b6e_JaffaCakes118

Files

eb2504332ac62e980d058a0192b15b6e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

23bcf9774f5e0373e519d8f2943d9b17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
DisableThreadLibraryCalls
GetLastError
VirtualAlloc
VirtualFree
FreeLibrary
EnterCriticalSection
LoadLibraryA
GetProcAddress
LeaveCriticalSection
LocalFree
CloseHandle
DeleteFileW
GetModuleFileNameW
lstrcpyW
HeapDestroy
DeleteCriticalSection
lstrcatW

user32

GetFocus
DestroyWindow
CharNextW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CoUninitialize

msvcrt

_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
memcpy
_amsg_exit
_initterm
free
_adjust_fdiv
_XcptFilter
memset
wcscpy
__dllonexit
_onexit
malloc
time
__CxxFrameHandler

msvcp60

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23bcf9774f5e0373e519d8f2943d9b17

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

msvcp60

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 1024B - Virtual size: 34KB

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 1024B - Virtual size: 34KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 1KB - Virtual size: 1KB