0ff9f737dcdaa4b48bb4a46d589c5cdd_JaffaCakes118

General

Target

0ff9f737dcdaa4b48bb4a46d589c5cdd_JaffaCakes118
Size

560KB
MD5

0ff9f737dcdaa4b48bb4a46d589c5cdd
SHA1

428d16ab0db225e0430f5214fbeba6627422d4f6
SHA256

f8b5ebfaccb0631a91978a65ea792564d5170cfc0005daa12efb8c5ad1b8ac55
SHA512

b82dea2eba004f9f62f3085109d23b8b7d9a2463dd658e29c1b0c0874a1def6f601d7a1f392f177f4e3a7053470d973cd1406a832b8cbffcfaa432ab71a55472
SSDEEP

6144:TZLT3A5Dp0HvFIc5vBlcQGSgS62iiiiiSySYSGS+8c8c8AAANA/AA0fMG8gPhclv:TZL7A5l0711g8on8OcWulHXWNchVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ff9f737dcdaa4b48bb4a46d589c5cdd_JaffaCakes118

Files

0ff9f737dcdaa4b48bb4a46d589c5cdd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7ab16e731dceb4a9f159378babee3b5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

DeleteDC
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA

msvcr80

fopen
getenv
_time64
fread
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
fclose
_stat64i32
strstr
memmove
memcpy
realloc
malloc
free
sprintf
memset
_encode_pointer

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetVersionExA
GetModuleFileNameA

Exports

Exports

R_FIPS140_MODULE_get_supported_interfaces
R_FIPS140_MODULE_set_failure_reason_cb
R_FIPS140_MODULE_set_test_details_cb

Sections

.text
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ab16e731dceb4a9f159378babee3b5c

Headers

File Characteristics

Imports

gdi32

msvcr80

kernel32

Exports

Exports

Sections

.text Size: 324KB - Virtual size: 320KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 56KB - Virtual size: 58KB

.data1 Size: 4KB - Virtual size: 112B

.rsrc Size: 96KB - Virtual size: 93KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 324KB - Virtual size: 320KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 56KB - Virtual size: 58KB

.data1
Size: 4KB - Virtual size: 112B

.rsrc
Size: 96KB - Virtual size: 93KB

.reloc
Size: 20KB - Virtual size: 19KB