b4df12f62d4d85e32a113a0ccfde4bf4_JaffaCakes118

General

Target

b4df12f62d4d85e32a113a0ccfde4bf4_JaffaCakes118
Size

114KB
MD5

b4df12f62d4d85e32a113a0ccfde4bf4
SHA1

4c7c560632b3538dacf9fc5b3eed8542ef02b2c6
SHA256

18926b826c515e43673d0b41149259bea916c72c3e7817721b467a9550960d18
SHA512

db7439b2ad6f8b839143c05cd2f1dfa65b007b56d246d5598a45188e6b394c855f3c6891d2afc61189e69d1beebb4e721ffb69b143268a8d8ae2306bc8d38912
SSDEEP

3072:WtL+8oBAPcHlaP+DGPGf+yFfMBOS9GJS:6HoStPGGM0Bzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4df12f62d4d85e32a113a0ccfde4bf4_JaffaCakes118

Files

b4df12f62d4d85e32a113a0ccfde4bf4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

44f65b93786173bac0643ec1c057f3f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
InterlockedExchange

msvcrt

strstr
memcmp
strcpy
_except_handler3
strcmp
free
malloc
strrchr
strcat
strncpy
fclose
fwrite
fopen
strlen
strncmp
strchr
_errno
wcscpy
_snprintf
strncat
realloc
_beginthreadex
calloc
_initterm
_adjust_fdiv
_ftol
ceil
memmove
__CxxFrameHandler
memcpy
atoi
??3@YAXPAX@Z
_strrev
_strnicmp
??2@YAPAXI@Z
memset
_stricmp
_strupr
_strcmpi

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvfw32

ICSeqCompressFrame

Exports

Exports

CodeService
MainService
ServiceCode
WWWW

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44f65b93786173bac0643ec1c057f3f1

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 7KB - Virtual size: 7KB