0749c97b7ffb7e611e2947d5f303cd60_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0749c97b7ffb7e611e2947d5f303cd60_JaffaCakes118
Size

403KB
MD5

0749c97b7ffb7e611e2947d5f303cd60
SHA1

a292c77ed11d855b0e91adb5831cfb8a43858e54
SHA256

d26a19cb71eabc35d6676e2d248ffa771dfd9c9d1264b67fae53864a4cf09372
SHA512

2d442774c35b6e6e288212bb45a84aff06a217dae54aa8b6118cc0727d12feb25d5a2319d88361af0acd2cc7f821683046b8780de56b5752b3decaa70ded6060
SSDEEP

12288:/D4vag+oAPH8j/FmqzFm6QLoay8HPxVO+9J3l:/DsaHEj/k6QLQ8HZ/JV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Tiny.exe

Files

0749c97b7ffb7e611e2947d5f303cd60_JaffaCakes118
.rar
Tiny.exe
.exe windows:4 windows x86 arch:x86

837a7aa25bfa86f82d01e43730e0a386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent

wmvcore

WMCreateSyncReader

winmm

timeGetTime
mixerGetNumDevs
mixerOpen
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails

ddraw

DirectDrawCreateEx

kernel32

FreeLibrary
GetProcAddress
OutputDebugStringA
LoadLibraryA
GetVersionExA
InterlockedIncrement
InterlockedDecrement
GetCurrentDirectoryA
WaitForSingleObject
LocalFree
CreateThread
CreateEventA
GetTickCount
GetFileAttributesA
GetCommandLineW
CloseHandle
SetEvent
GlobalFree
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalLock
GetEnvironmentVariableA
SetEnvironmentVariableA
CompareStringW
CompareStringA
IsBadCodePtr
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetLastError
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetCPInfo
TerminateProcess
GetStdHandle
SetHandleCount
GetFileType
SetStdHandle
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetTimeZoneInformation
RaiseException
HeapSize
ExitProcess
GetVersion
GetStartupInfoA
HeapReAlloc
GetCurrentProcess
SetFileAttributesA
ResumeThread
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
FindResourceA
RtlUnwind
HeapAlloc
CreateDirectoryA
HeapFree
DeleteFileW
SetEndOfFile
CreateFileW
DeviceIoControl
PeekNamedPipe
LoadResource
SizeofResource
LockResource
FreeResource
GetACP
Sleep
IsDBCSLeadByte
GetEnvironmentStringsW
CreateMutexA
ReleaseMutex
ResetEvent
InterlockedExchange
FileTimeToLocalFileTime
GetFileInformationByHandle
LCMapStringA
CreateFileA
ReadFile
WriteFile
SetFilePointer
GetFileSize
IsBadReadPtr
GetDriveTypeA
GetCommandLineA
SetThreadPriority
SuspendThread

user32

SetWindowRgn
ShowWindow
CheckMenuItem
SetForegroundWindow
UpdateWindow
GetKeyboardLayoutNameA
wsprintfA
SetCursor
SendMessageA
MessageBoxA
PostMessageA
GetAsyncKeyState
DestroyWindow
SetRect
DestroyMenu
DestroyCursor
LoadIconA
LoadCursorA
RegisterClassA
FindWindowA
GetWindowRect
CreateWindowExA
RegisterHotKey
GetWindowLongA
SetWindowLongA
LoadMenuA
RegisterClassExA
GetClassInfoExA
GetDialogBaseUnits
CreateWindowExW
GetKeyState
GetWindow
GetWindowTextW
SetWindowTextW
SetFocus
CallWindowProcA
GetClientRect
ClientToScreen
InvalidateRect
MoveWindow
GetUpdateRect
PostQuitMessage
FillRect
SetWindowPos
SetMenuItemInfoA
GetSubMenu
TrackPopupMenu
EndMenu
GetCursorPos
DefWindowProcA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
WaitMessage

gdi32

SetBkMode
SetBkColor
TextOutA
GetTextMetricsA
SetTextColor
GetGlyphOutlineA
BitBlt
DeleteObject
CreateSolidBrush
CreateFontIndirectA
GetStockObject
CreateCompatibleDC
CreateDIBSection
SelectObject
GetObjectA
ExtCreateRegion
CombineRgn
DeleteDC
GetTextExtentPoint32A

comdlg32

GetOpenFileNameA

shell32

DragAcceptFiles
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
DragFinish
DragQueryFileA
CommandLineToArgvW
SHGetPathFromIDListA

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

imm32

ImmGetConversionStatus
ImmIsIME
ImmGetCompositionStringA
ImmGetCandidateListA

dsound

ord1

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Exports

Exports

_FillWaveFormatEx@16
_FillWaveHeader@16

Sections

.text
Size: 628KB - Virtual size: 626KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

837a7aa25bfa86f82d01e43730e0a386

Headers

File Characteristics

Imports

comctl32

wmvcore

winmm

ddraw

kernel32

user32

gdi32

comdlg32

shell32

ole32

imm32

dsound

advapi32

Exports

Exports

Sections

.text Size: 628KB - Virtual size: 626KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 68KB - Virtual size: 310KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 628KB - Virtual size: 626KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 68KB - Virtual size: 310KB

.rsrc
Size: 108KB - Virtual size: 107KB