JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0
Size

192KB
MD5

657f37ecdbc9d70b8ce51d4df759fad0
SHA1

2320fc625fa4a8ae9bc6d123fa6020de683cdaf1
SHA256

3970692c015ead66ca10d1ddaade28b6443ebcce61bd6c4b0e0539199fafe694
SHA512

eeebcac9823d3417e88124635a8c37a1648a797793eba42c2e3344641d5020482f16c7e524cdadd21af5a9764ced3444b59b8a3c8f5af7e27107e45eaf75a2d4
SSDEEP

3072:PiH19KnlblaCrQWODDZTuAjnJjqp/g2bzcijLvZ33X1vxDRvanoRmOl:qmlbDQWODDZgpdH1ZxmooOl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0

Files

JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0
.dll windows:4 windows x86 arch:x86

af0d7e33a5a027fa6c579695de519693

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInterfaceA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
OutputDebugStringA
CloseHandle
CreateFileA
GetOverlappedResult
WaitForSingleObject
GetLastError
WriteFile
CreateEventA
ReadFile
CancelIo
lstrlenA
MultiByteToWideChar
GetTickCount
WaitForMultipleObjects
SetFilePointer
GetFileSize
DeviceIoControl
Sleep
FreeLibrary
LoadLibraryExA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetCurrentProcessId

msvcr80

memset
strstr
memcpy
??_U@YAPAXI@Z
_CxxThrowException
??3@YAXPAX@Z
printf
memcmp
strncpy
_open
strtoul
strncmp
exit
fprintf
__iob_func
fopen
??2@YAPAXI@Z
strcat
ftell
strcpy
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
sprintf
strlen
strrchr
vsprintf
__CxxFrameHandler3
_fsopen
fclose
malloc
fseek
fread
free
_close
_read
_write
??_V@YAXPAX@Z
_stat64i32

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

ConvertImage
SFI_change_state
SFI_close_stream
SFI_connect
SFI_disconnect
SFI_get_info
SFI_open_flash_stream
SFI_write_stream

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af0d7e33a5a027fa6c579695de519693

Headers

File Characteristics

Imports

setupapi

kernel32

msvcr80

msvcp80

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 4KB - Virtual size: 2KB

.text Size: 104KB - Virtual size: 104KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 104KB