f0d16c03263270ff2c667c1b9f967e86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0d16c03263270ff2c667c1b9f967e86_JaffaCakes118
Size

489KB
MD5

f0d16c03263270ff2c667c1b9f967e86
SHA1

43eb06d0d18b0881562fcf0b3c1a072d22482186
SHA256

35ca7d5eb6e3ee8643ea24fbd36f25a09e12a754fc2b855534443d1bfaa65a87
SHA512

220e0543301cce5c404ec3e8bc91dd0e97642a6eb0ed8d711132ef7749c90809d01bd0467650c4ea47ab34ad40cb47f69ba450b6d7408c16f841435ed9b2d8ce
SSDEEP

6144:EU9ERfGmvT7Fs0lwIqfRgE0OTBgOK/eWMWJ27iToAlqAR/cx9Wj8hfdAOflWzWaq:27L7Tk0OTSeWMWiiT8R5fdZlWaabQx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0d16c03263270ff2c667c1b9f967e86_JaffaCakes118

Files

f0d16c03263270ff2c667c1b9f967e86_JaffaCakes118
.dll windows:6 windows x86 arch:x86

c9044ccd3dd2a3b85f3a399e1621d62d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
SetFileAttributesA
CloseHandle
GetTickCount
MapViewOfFile
UnmapViewOfFile
LoadResource
LockResource
SizeofResource
CreateFileMappingA
LoadLibraryA
FindResourceA
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess

msvcp140

?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

vcruntime140

__std_type_info_destroy_list
__std_exception_destroy
_except_handler4_common
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
__std_exception_copy
memset

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9044ccd3dd2a3b85f3a399e1621d62d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 68B

.rsrc Size: 476KB - Virtual size: 476KB

.reloc Size: 1024B - Virtual size: 596B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 68B

.rsrc
Size: 476KB - Virtual size: 476KB

.reloc
Size: 1024B - Virtual size: 596B