f13f80cf743b1971bcfef0c72965160f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f13f80cf743b1971bcfef0c72965160f_JaffaCakes118
Size

124KB
MD5

f13f80cf743b1971bcfef0c72965160f
SHA1

da31dfeb9065382c39f3fdfcfddb2995956f785a
SHA256

beb5eba6f040e94a682b86f874166069434dabdf2a8d7b32d1b12805c703fd38
SHA512

a2fb88b0111c54028f85e76de732b38985eabd1448826e795e67f2049ff6445454f807813f5080835b6d59abac8282c2a715e559ff675d7d4c4f25cf4a298c6e
SSDEEP

1536:QDOLqeQcdAjcXjkK1fi9cPPQxKOCuxe7Pbmk8UpKFh13yzivkXT07ADzrv:YOL9QcqjE5ti9cwUlzoh4iMXT0kDPv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f13f80cf743b1971bcfef0c72965160f_JaffaCakes118

Files

f13f80cf743b1971bcfef0c72965160f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

73832c0380477f0dfbf813fc8f0947e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
SetEvent
ResumeThread
CreateThread
CreateEventA
CloseHandle
TerminateThread
GetProcAddress
LoadLibraryA
EnterCriticalSection
VirtualFree
VirtualAlloc
ResetEvent
FreeLibrary
GetPrivateProfileStringA
GetVersionExA
MoveFileA
CreateProcessA
lstrcpyA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
LocalFree
FindFirstFileA
RemoveDirectoryA
GetFileSize
CreateFileA
WriteFile
GetModuleFileNameA
ExitThread
SleepEx
lstrlenA
WinExec
WritePrivateProfileStringA
DeleteFileA
GetCurrentProcess
LeaveCriticalSection
Sleep
DeleteCriticalSection
InitializeCriticalSection
GetLocalTime
MapViewOfFile
CreateFileMappingA
GetProcessHeap
UnmapViewOfFile
GlobalFree
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalSize
GetTickCount
GetStartupInfoA
DisconnectNamedPipe
PeekNamedPipe
WaitForMultipleObjects
GetSystemInfo
ReleaseMutex
OpenEventA
SetErrorMode
CreateMutexA
SetUnhandledExceptionFilter
OpenProcess
LocalReAlloc
GetLastError
GetCurrentThreadId
RaiseException
InterlockedExchange
LocalAlloc

msvcrt

memcmp
strchr
strcat
strcpy
malloc
strcmp
free
_except_handler3
strrchr
strncpy
atoi
strstr
_errno
exit
realloc
wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strlen
_ftol
ceil
memmove
__CxxFrameHandler
strncmp
??3@YAXPAX@Z
_strupr
_strnicmp
??2@YAPAXI@Z
memset
memcpy
_strrev

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvfw32

ICSeqCompressFrame

Exports

Exports

ServiceMain

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Helpless
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ujyhkuy
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73832c0380477f0dfbf813fc8f0947e5

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 49KB

Helpless Size: 16KB - Virtual size: 15KB

.ujyhkuy Size: 12KB - Virtual size: 8KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 52KB - Virtual size: 49KB

Helpless
Size: 16KB - Virtual size: 15KB

.ujyhkuy
Size: 12KB - Virtual size: 8KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 6KB