451fbc8a8cc04e89a571e3521bc65ff7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

451fbc8a8cc04e89a571e3521bc65ff7_JaffaCakes118
Size

108KB
MD5

451fbc8a8cc04e89a571e3521bc65ff7
SHA1

4a592397f399b7a27660d69a6a8fec8850e5d55c
SHA256

3464263024c4f7be022de6a7bf3f3c07b7967edacc80e3bac412e7091c667bcf
SHA512

316fa18fb2ec8ce5eecb964a7f43d5b84671edeac8cf6c3ab783574ea1f03ec0ad07bffcf0ee226525502c7e7acd35edac2c001db0a883855e3b178b8dc2d11c
SSDEEP

1536:3hJN2NRxsDZNbPdmscVFEf13sQZj8UGFEBR87oeH:3hJN6xs9bmsyF213sg8UGFEf8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
451fbc8a8cc04e89a571e3521bc65ff7_JaffaCakes118

Files

451fbc8a8cc04e89a571e3521bc65ff7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dc58fb9a45c1eba78bdc6abf6fa0498e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strtok
strchr
atoi
strncpy
_except_handler3
malloc
strncat
strrchr
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
strstr
_ftol
ceil
realloc
wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
free
_strcmpi
_strnicmp
_strrev
_strnset
memmove

kernel32

GetCurrentProcess
GetTickCount
GetCurrentThreadId
lstrcmpiA
Process32First
Process32Next
LocalSize
FreeConsole
CreateThread
MoveFileA
SetUnhandledExceptionFilter
SetErrorMode
OpenEventA
GetSystemInfo
GlobalMemoryStatusEx
CreatePipe
GetSystemDirectoryA
CreateProcessA
PeekNamedPipe
TerminateProcess
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
EnterCriticalSection
GetProcAddress
LoadLibraryA
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSection
lstrcpyA
FreeLibrary
SetEvent
InterlockedExchange
CancelIo
CloseHandle
lstrcatA
lstrlenA
GetDriveTypeA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
RemoveDirectoryA
DeleteFileA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
GetLastError
CreateDirectoryA
SetLastError
GetModuleFileNameA
Sleep
GetVersionExA
ExitProcess
RaiseException
GetVersion
DeviceIoControl
CreateRemoteThread
WriteProcessMemory
OpenProcess
GetWindowsDirectoryA
TerminateThread
CreateEventA
GetLocalTime
WaitForSingleObject

msvcp60

?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvfw32

ICCompressorFree
ICSeqCompressFrameEnd
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame
ICClose

Exports

Exports

Eternal
Go
Heart
On
ServiceMain

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc58fb9a45c1eba78bdc6abf6fa0498e

Headers

File Characteristics

Imports

msvcrt

kernel32

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 5KB