1ba8a8118ef1c6f8b202cfe2e991b492_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1ba8a8118ef1c6f8b202cfe2e991b492_JaffaCakes118
Size

73KB
MD5

1ba8a8118ef1c6f8b202cfe2e991b492
SHA1

9419c86de92a876abb408a8dcf8bb1dd0336edf2
SHA256

26f9d208d7b8f6bc6a377568e66c4c1ce1172114185d55a93bc757986c0d3246
SHA512

5ddfb23c53a259deef14ec3a93f3d693d4684190bb4d8b784e3276b00148237390f51e49ab25001710a59cad9019248bf9e1e995a68aabd4868d26f5868e89ff
SSDEEP

1536:iFPoTkVLYdpZqTKfF5WylcUafrpXRpdneVTOtvlODPm5gj:Yw4tYdDFPXafF/dnedOtMDPCg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ba8a8118ef1c6f8b202cfe2e991b492_JaffaCakes118

Files

1ba8a8118ef1c6f8b202cfe2e991b492_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c20656696a0f849995c03661122492ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindExtensionW
PathIsURLW

kernel32

GetTempPathA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
LeaveCriticalSection
MulDiv
ReadFile
lstrcmpiA
EnterCriticalSection
MoveFileA
CloseHandle
DeleteFileA
FindFirstFileW
WaitForSingleObject
GetTickCount
InitializeCriticalSection
WideCharToMultiByte
TerminateThread
Sleep
lstrcpynW
CompareStringW
MultiByteToWideChar
SetThreadPriority
DeleteCriticalSection
GetShortPathNameW
CreateThread
QueryPerformanceCounter
QueryPerformanceFrequency
FindNextFileA
GetPrivateProfileStringA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
GetPrivateProfileIntA
WritePrivateProfileStringA
GetModuleFileNameA
lstrcpynA
FreeLibrary
CreateDirectoryA
FindFirstFileA
GetProcAddress
FindClose
LoadLibraryA
GetLastError

user32

TranslateMessage
GetAsyncKeyState
PeekMessageA
ReleaseDC
SendMessageTimeoutA
PostMessageA
DispatchMessageA
LoadImageA
SetTimer
SendDlgItemMessageA
KillTimer
GetDC
MessageBoxA
GetDlgItem
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
wsprintfA
SendMessageA
SetDlgItemInt
EndDialog
CheckDlgButton
IsDlgButtonChecked
DrawTextA
GetParent

gdi32

BitBlt
SetTextColor
DeleteDC
CreateDIBSection
SetBkMode
DeleteObject
SelectObject
TextOutA
CreateCompatibleDC

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

msvcr90

_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_adjust_fdiv
__CxxFrameHandler3
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_amsg_exit
_strnicmp
strlen
strcpy
memcpy
_purecall
??3@YAXPAX@Z
strcat
??2@YAPAXI@Z
_stricmp
strncmp
free
malloc
strstr
strchr
atoi
memset
strcmp
_strdup
realloc
atan2
_wcsicmp
sqrt
cos
rand
_vsnwprintf
_vsnprintf
wcscmp
fabs
sin
sprintf
_atof_l
_encode_pointer

Exports

Exports

winampGetExtendedFileInfoW
winampGetInModule2
winampSetExtendedFileInfo
winampWriteExtendedFileInfo

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c20656696a0f849995c03661122492ca

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

msvcr90

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 22KB

.rsrc Size: 14KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 22KB

.rsrc
Size: 14KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 4KB