0f49a3e6d83bd77366bb4cd6f23fa8c1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f49a3e6d83bd77366bb4cd6f23fa8c1_JaffaCakes118
Size

325KB
MD5

0f49a3e6d83bd77366bb4cd6f23fa8c1
SHA1

942afae21995e93097885fe49f17ba9c9377e3c8
SHA256

d41e652f65c7cb856a8e6f00bd24a0e5d9d3376a7ea277f76856a3665e9e394c
SHA512

f564e3e5f1bebde41598bb40803be7bc40775ba24577760c86d54e525a768df2af546b4d1145b8db036a3c68adee8ca7536a38194245dedee96aa0af4f712fc7
SSDEEP

6144:HXte/n7X5lfaBE/l+CPHPaEkVjZ7W9cGARKcCMS1RSVVEUV6fgp31:3wL5lfaMAN5N7WSR6MS1Roz6C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f49a3e6d83bd77366bb4cd6f23fa8c1_JaffaCakes118

Files

0f49a3e6d83bd77366bb4cd6f23fa8c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c65bf9e5066c300ac96ffb903522af8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

aux32Message
waveInReset
mciSendCommandW
mmioRead
mixerGetLineControlsA
midiOutReset
CloseDriver
waveOutClose
waveInGetErrorTextW
midiOutCachePatches
mixerSetControlDetails
auxGetDevCapsA
mmioRenameW
waveInGetDevCapsW
midiInStop
mciExecute
NotifyCallbackData
waveInMessage
midiStreamOpen
midiInGetErrorTextA
mmioAdvance
mmioStringToFOURCCW
mmioSendMessage
mixerGetControlDetailsA
timeGetTime
mixerMessage
mixerGetControlDetailsW
mciSendCommandA
midiInClose
PlaySoundA
midiOutShortMsg
mixerGetID
waveOutUnprepareHeader
mmGetCurrentTask
mmTaskCreate
sndPlaySoundA
joyConfigChanged
waveOutGetDevCapsA
mciSetYieldProc
mmioGetInfo
mmioSetBuffer
mixerClose
midiOutOpen
mxd32Message
waveOutBreakLoop
waveInStop
waveOutGetPitch
timeGetDevCaps
waveInOpen
timeBeginPeriod
waveOutReset
mciSendStringW
mmioStringToFOURCCA
joyReleaseCapture
mciDriverNotify
midiOutGetDevCapsA
mciGetYieldProc
GetDriverModuleHandle
midiDisconnect
PlaySound
midiOutGetDevCapsW
waveInUnprepareHeader
midiStreamProperty

kernel32

GetPriorityClass
SetCurrentDirectoryW
GetDateFormatW
VirtualFree
ExpandEnvironmentStringsW
FindClose
SetFileTime
ReleaseSemaphore
SetFileShortNameW
GetTickCount
CreateEventW
CloseHandle
FindFirstVolumeMountPointW
LocalAlloc
VerifyVersionInfoW
FindFirstFileW
LocalFree
CreateFileW
HeapAlloc
SetFilePointer
BackupRead
GetFileSize
GetVolumeInformationW
SetFileAttributesW
GetTapePosition
FileTimeToSystemTime
SetPriorityClass
GetCurrentDirectoryW
SetEvent
GetTapeParameters
SystemTimeToTzSpecificLocalTime
GetSystemDirectoryW
CreateHardLinkW
HeapFree
GetNumberFormatW
SetEndOfFile
GetProcAddress
VirtualAlloc
GetDiskFreeSpaceExW
CreateSemaphoreW
LocalFileTimeToFileTime
RemoveDirectoryW
FindNextVolumeMountPointW
GetUserDefaultLCID
GetVersionExA
GetTimeZoneInformation
BackupWrite

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c65bf9e5066c300ac96ffb903522af8

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

Sections

.text Size: 183KB - Virtual size: 183KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 97KB - Virtual size: 564KB

.text
Size: 183KB - Virtual size: 183KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 97KB - Virtual size: 564KB