c7cfda663266ae609d7d51e085b4ebc2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7cfda663266ae609d7d51e085b4ebc2_JaffaCakes118
Size

96KB
MD5

c7cfda663266ae609d7d51e085b4ebc2
SHA1

2b4ca63631270be6f7f92599001780b28fd9293f
SHA256

45d4b26b69f0c78ee78e6a22627e7bcb33224138aa46220bee561930422d0d73
SHA512

18a5f38d4a4753f0407c3141c7848bdb2c526160ee973d8326226124e58aefa3208e2df4cf6057a509711608e58a60e283197517e69e63226acc62a48e70580a
SSDEEP

1536:cehqF9YDjN62T7FI/zS1zZZncpGnefs8qvizn3MvGKhHrrho:Kak2TBI/e1zZZnGGYs8qI3MvGMHrra

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7cfda663266ae609d7d51e085b4ebc2_JaffaCakes118

Files

c7cfda663266ae609d7d51e085b4ebc2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

303d36358a9b493ecdcbc9c7b99e625d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
CreateEventA
CloseHandle
WaitForSingleObject
ResetEvent
lstrcpyA
SetEvent
InterlockedExchange
CancelIo
Sleep
lstrlenA
lstrcatA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
DeleteFileA
GetLastError
GetFileAttributesA
CreateProcessA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
FindFirstFileA
LocalAlloc
RemoveDirectoryA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
MoveFileA
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentProcess
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
TerminateThread
MoveFileExA
GetTickCount
WriteFile
GetLocalTime
MapViewOfFile
CreateFileMappingA
HeapFree
GetProcessHeap
HeapAlloc
UnmapViewOfFile
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
PeekNamedPipe
WaitForMultipleObjects
DeviceIoControl
GetSystemInfo
GlobalMemoryStatus
ReleaseMutex
OpenEventA
SetErrorMode
CreateMutexA
SetUnhandledExceptionFilter
ExitProcess
FreeConsole
SetFileAttributesA
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
RaiseException

msvcrt

memset
??2@YAPAXI@Z
memcmp
_CxxThrowException
strchr
malloc
strcpy
strcmp
free
_except_handler3
strrchr
strncat
__CxxFrameHandler
realloc
atoi
wcstombs
strncpy
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strstr
strlen
_ftol
ceil
memmove
strcat
memcpy
??3@YAXPAX@Z
_strrev
_strnicmp
_strcmpi

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

Exports

Exports

ServiceMain

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

303d36358a9b493ecdcbc9c7b99e625d

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 8KB - Virtual size: 4KB