5f894df230fd8866b90ff59475b1d8e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f894df230fd8866b90ff59475b1d8e9_JaffaCakes118
Size

116KB
MD5

5f894df230fd8866b90ff59475b1d8e9
SHA1

9487f8286c7046942758975e2ac80e5b106cfc76
SHA256

5558483c2f3fe33e33bb76dc52355ad4b543181d20b0e45b3f31901458382f19
SHA512

a6bb57c226989eb1b3ade9d3a40d024da081df55c7921b7b6a867b652a22ad6b672bfad7d3679647545436524d8c12ca13e28be072d35c4d32870c99a017c2c4
SSDEEP

1536:DjRljSGt99I47Ft7pTJCNTMfElGnDjfBdvcbJ6bfhcDw5xTmKw4ns5DhKRC2:bWo3Q2fBdvWJ6rhc8fmZ4ytKRC2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f894df230fd8866b90ff59475b1d8e9_JaffaCakes118

Files

5f894df230fd8866b90ff59475b1d8e9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8e34dfca8aa63b80cf5689e23c1c0758

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
CloseHandle
TerminateThread
GetProcAddress
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchange
CancelIo
ResetEvent
FreeLibrary
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
FindClose
LocalFree
LocalReAlloc
LocalAlloc
RemoveDirectoryA
ReadFile
CreateProcessA
SetLastError
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
WaitForSingleObject
ExitThread
SleepEx
DeviceIoControl
lstrcmpiA
GetSystemDirectoryA
MapViewOfFile
CreateFileMappingA
HeapFree
UnmapViewOfFile
GetModuleHandleA
GetLocalTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
TerminateProcess
WaitForMultipleObjects
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
PeekNamedPipe
ReleaseMutex
OpenEventA
SetErrorMode
SetUnhandledExceptionFilter
FreeConsole
lstrcpynA
LocalSize
GetCurrentThreadId
Sleep
GetTickCount
GetLastError
RaiseException
OpenProcess

msvcrt

strcpy
strchr
strcmp
strlen
free
strrchr
_CxxThrowException
strcat
strncat
malloc
atoi
wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
memcmp
strstr
_ftol
ceil
memmove
realloc
__CxxFrameHandler
memcpy
??3@YAXPAX@Z
_strnicmp
_itoa
memset
_except_handler3
??2@YAPAXI@Z
_strcmpi

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICSeqCompressFrameEnd
ICClose
ICSeqCompressFrame
ICSeqCompressFrameStart
ICCompressorFree
ICOpen
ICSendMessage

Exports

Exports

AervicbMaio
ServiceMain
servicemain

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e34dfca8aa63b80cf5689e23c1c0758

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

avicap32

msvfw32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 6KB