1a57229ee67e5fa4274a62bf29a0d6a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a57229ee67e5fa4274a62bf29a0d6a7_JaffaCakes118
Size

27KB
MD5

1a57229ee67e5fa4274a62bf29a0d6a7
SHA1

152ce83b744a9bef3e0a027f8c6a49795a272a78
SHA256

3de94bb20f7d6db3c85ad2a6ac2256214a7fedbee3b8743591a52b1efbe973a0
SHA512

9dec2081d046b26c3caa21de957bfa15f7478d9a3a6e08e4513eda34d341963b0ae9ddd29ef6e73d11c7fc41bb99c0bb4d0dd8c97bcc68bb4044749b2a13d81b
SSDEEP

768:9+yOjzZ4FwmstQlw5pakC35/GOkZmmOXtDl9P:9XOjzSFQP5okmGOkZJOZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a57229ee67e5fa4274a62bf29a0d6a7_JaffaCakes118

Files

1a57229ee67e5fa4274a62bf29a0d6a7_JaffaCakes118
.dll windows:5 windows x86 arch:x86

27f33782e86cca1e19ebeddc4fda7edc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_Create
ImageList_AddMasked

kernel32

lstrlenW
GetLastError
lstrcmpiA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
CreateMutexA
GlobalDeleteAtom
GetTickCount
SetLastError
lstrlenA
lstrcpynA
GlobalLock
GlobalAlloc
lstrcpynW
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetPrivateProfileIntA
GlobalAddAtomW
IsDebuggerPresent

user32

RegisterHotKey
UnregisterHotKey
SetWindowTextW
GetKeyNameTextW
IsWindow
MapVirtualKeyA
GetWindowThreadProcessId
SetClipboardData
IsWindowVisible
SetTimer
ShowWindow
EmptyClipboard
GetForegroundWindow
SetForegroundWindow
CharNextW
CloseClipboard
CheckDlgButton
GetSystemMetrics
KillTimer
GetDlgItem
SetWindowLongA
GetWindowLongA
IsWindowUnicode
SetWindowLongW
DeregisterShellHookWindow
MessageBoxW
CallWindowProcA
CallWindowProcW
RegisterShellHookWindow
GetFocus
LoadBitmapA
GetClientRect
SendMessageA
GetAsyncKeyState
InvalidateRect
OpenClipboard
GetWindowTextW
SendMessageW
EnableWindow
TranslateMessage
DispatchMessageW
RegisterWindowMessageA

gdi32

DeleteObject

msvcr90

_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_wcsdup
memcpy
_strdup
_vsnwprintf
wcslen
malloc
free
??2@YAPAXI@Z
??3@YAXPAX@Z
_vsnprintf
??_V@YAXPAX@Z
memset
??_U@YAPAXI@Z
_purecall
_except_handler4_common

Exports

Exports

winampGetGeneralPurposePlugin

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27f33782e86cca1e19ebeddc4fda7edc

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

msvcr90

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB