1890ecf9c18cb565d9f100bc53f5df97_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1890ecf9c18cb565d9f100bc53f5df97_JaffaCakes118
Size

9KB
MD5

1890ecf9c18cb565d9f100bc53f5df97
SHA1

21a5d6ff133e60913c10f7ea966d7943ada3fb5d
SHA256

5938e15163f63050a051a8773d990b49b3e812cb9481216d4dc2cb3dab5f477f
SHA512

638d04fb8e55ebdb25bda7e33a681fd2452e3a10e92ec9b18408d5e3d5e6fde7e30b3001abc5aab852d76dd71080075205dfc98ba730984e00a7378212e8268b
SSDEEP

192:DpO/DIlEloCIUNwP+ZJzyJJSEblUZhAtOc30w4xrQF:DucltCIb+jubSEpYhA8c30w4xr+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tpiano.exe

Files

1890ecf9c18cb565d9f100bc53f5df97_JaffaCakes118
.zip
tpiano.exe
.exe windows:4 windows x86 arch:x86

cb360093ce20db7bd074414c6e03b5d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

comdlg32

GetSaveFileNameA

crtdll

_fmode_dll
_fpreset
_iob
__GetMainArgs
_setmode
atexit
fclose
fgets
fopen
fprintf
free
fwrite
malloc
memset
signal
_cexit
sprintf
sscanf
_environ_dll
_fileno

gdi32

GetStockObject
SelectObject
TextOutA
CreateFontA
Ellipse

kernel32

ExitProcess
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetTickCount
SetUnhandledExceptionFilter

user32

DefWindowProcA
DestroyMenu
DestroyWindow
DispatchMessageA
EndPaint
FillRect
GetDC
GetMessageA
GetSubMenu
GetWindowLongA
InvalidateRect
LoadCursorA
LoadIconA
LoadMenuA
MessageBoxA
PostQuitMessage
RegisterClassA
ReleaseDC
SendMessageA
SetFocus
SetWindowTextA
ClientToScreen
ShowWindow
TrackPopupMenu
UpdateWindow
CreateWindowExA
BeginPaint

winmm

timeBeginPeriod
timeEndPeriod
timeKillEvent
timeSetEvent
midiOutClose
midiOutGetDevCapsA
midiOutGetNumDevs
midiOutOpen
midiOutShortMsg

wsock32

htonl

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb360093ce20db7bd074414c6e03b5d2

Headers

File Characteristics

Imports

comctl32

comdlg32

crtdll

gdi32

kernel32

user32

winmm

wsock32

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 360B

.bss Size: - Virtual size: 384B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 360B

.bss
Size: - Virtual size: 384B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB