c:\pulse2\agents\WIN_amccarth3-w\recipes\136409784\base\googleclient\earth\client\scons-out\prod\obj\tools\earthflashsol\earthflashsol.pdb
Static task
static1
Behavioral task
behavioral1
Sample
eec5e8d06a58f6eb74067ec006ea4421_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
eec5e8d06a58f6eb74067ec006ea4421_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
eec5e8d06a58f6eb74067ec006ea4421_JaffaCakes118
-
Size
148KB
-
MD5
eec5e8d06a58f6eb74067ec006ea4421
-
SHA1
8188a70b8d5817d7522decc3c047666cbb70c069
-
SHA256
3d42121846da4bcb1f53b08575178cf8ddf0e6a787085fe229da17cf8464a566
-
SHA512
48ff2a46fdc7e6390d6162a5d97decd5ce5fa978e206d351103f46a75664e9e78c25e021d988c0ed6d73b3f265a48766c13840ad2c86bba9a57706c5b281a18b
-
SSDEEP
3072:t+BSKVP/2cau/SyhIDlLOL+v5dEHEe64vavdjyMbGM0xlf:ULP/2cdSVxLOLO5aza1jyMGxlf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature; this sample has none, so its publisher and integrity cannot be confirmed from a signature.
resource eec5e8d06a58f6eb74067ec006ea4421_JaffaCakes118
Files
-
eec5e8d06a58f6eb74067ec006ea4421_JaffaCakes118.exe windows:5 windows x86 arch:x86
a455e88981c1e2bd57cffdcc74837ff3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
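IMAGE_FILE_RELOCS_STRIPPED (inconsistent with the IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE flag and the .reloc section also listed in this report; with relocations marked stripped the image loads only at its preferred base)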
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
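PDB Paths (the value appears to be the .pdb build path shown above the task list; a PDB path is embedded metadata and does not by itself establish who built the file)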
Imports
msvcp100
?_Raise_handler@std@@3P6AXABVexception@stdext@@@ZA
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
msvcr100
_onexit
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_controlfp_s
_lock
__dllonexit
_unlock
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
fclose
wcscpy
fseek
ftell
fwrite
_fileno
_purecall
fread
??_V@YAXPAX@Z
isalpha
memset
setvbuf
wcslen
_errno
_wfsopen
_wfopen
memchr
strchr
_wcsnicmp
_fstat64i32
feof
??2@YAPAXI@Z
??3@YAXPAX@Z
strlen
memcmp
memmove
_invoke_watson
memcpy
_strnicmp
kernel32
FindFirstFileW
TlsGetValue
GetDriveTypeW
FreeLibrary
CreateDirectoryW
WaitForSingleObject
GetTickCount
InitializeCriticalSection
TlsSetValue
WideCharToMultiByte
CopyFileW
LeaveCriticalSection
GetFileAttributesW
GetModuleFileNameW
MultiByteToWideChar
SetThreadPriority
GetTempPathW
GetLastError
GetLongPathNameW
GetProcAddress
MoveFileW
EnterCriticalSection
FindClose
LoadLibraryA
RemoveDirectoryW
IsDebuggerPresent
FindNextFileW
GetFileAttributesExW
DeleteCriticalSection
GetCurrentThreadId
GetDiskFreeSpaceExW
TlsAlloc
CloseHandle
DeleteFileW
TlsFree
ResumeThread
CreateThread
InterlockedExchange
Sleep
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTempFileNameW
shell32
SHGetFolderPathW
SHGetSpecialFolderPathW
ws2_32
listen
getsockopt
send
gethostbyname
WSAResetEvent
closesocket
WSACreateEvent
socket
bind
recv
WSACleanup
sendto
setsockopt
getsockname
WSAWaitForMultipleEvents
WSAEventSelect
htons
WSAEnumNetworkEvents
WSAGetLastError
htonl
inet_addr
ntohl
recvfrom
WSAStartup
connect
ioctlsocket
getpeername
WSASetEvent
WSACloseEvent
accept
ntohs
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
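IMAGE_SCN_MEM_WRITE (together with IMAGE_SCN_MEM_EXECUTE, the .text section is both writable and executable, which is atypical for compiler-produced code sections)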
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ