e9b24e07bba059b824fa58cf801a2aa7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e9b24e07bba059b824fa58cf801a2aa7_JaffaCakes118
Size

660KB
MD5

e9b24e07bba059b824fa58cf801a2aa7
SHA1

6a5ffe5471823ac27a1d912c9ab4e59ea331b627
SHA256

d58dd8cb189cda12ad2aa1913b55ed1e2dd596fa702690a60c04db8aa664396b
SHA512

2fb5b065feb03ca416033de18b96116559d4fbe2b14a4ec91d55dee858ba826891af7aa30f22575b69605e33da09deea4b95357fd325da2f3b208ba0cc2d170b
SSDEEP

12288:zZL7A5l0711g8onrOcWAqVvrDhS6kNaW3:zZL7AfYhonSr1naaW3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9b24e07bba059b824fa58cf801a2aa7_JaffaCakes118

Files

e9b24e07bba059b824fa58cf801a2aa7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d225cf81532c0ff60f4ae25fdb8f6925

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

DeleteDC
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA

msvcr80

fopen
getenv
_time64
fread
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
fclose
_stat64i32
strstr
memmove
memcpy
realloc
malloc
free
sprintf
memset
_encode_pointer

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetVersionExA
GetModuleFileNameA

Exports

Exports

R_FIPS140_MODULE_get_supported_interfaces
R_FIPS140_MODULE_set_failure_reason_cb
R_FIPS140_MODULE_set_test_details_cb

Sections

.text
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d225cf81532c0ff60f4ae25fdb8f6925

Headers

File Characteristics

Imports

gdi32

msvcr80

kernel32

Exports

Exports

Sections

.text Size: 324KB - Virtual size: 320KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 56KB - Virtual size: 58KB

.data1 Size: 4KB - Virtual size: 112B

.rsrc Size: 4KB - Virtual size: 428B

.reloc Size: 20KB - Virtual size: 19KB

.text Size: 192KB - Virtual size: 192KB

.text
Size: 324KB - Virtual size: 320KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 56KB - Virtual size: 58KB

.data1
Size: 4KB - Virtual size: 112B

.rsrc
Size: 4KB - Virtual size: 428B

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 192KB - Virtual size: 192KB