266f98996f8540cd62a50c3423651094_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

266f98996f8540cd62a50c3423651094_JaffaCakes118
Size

508KB
MD5

266f98996f8540cd62a50c3423651094
SHA1

05dfe984ab283805e658aabf0ad2c600fde77036
SHA256

b46226935197c16ca149db845a8bba5d741c1b71fb7767881671da4302f14bb1
SHA512

dc077af45f9a826e2dcdaabd2be94e5993fd2bcb4129c17fe830630736f62a6ae52e65e39005006b22001f68ed0e28fa6159bf8d9c69ac3d615611d5724a3867
SSDEEP

6144:PwRqw9wxU9UcP6PL9o0oRPHkRyubDR1pNXBGAFDoAPnxhSgojv/ajPO:Pwj9oU91ipo0o7uTLxKAJhbIyjG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266f98996f8540cd62a50c3423651094_JaffaCakes118

Files

266f98996f8540cd62a50c3423651094_JaffaCakes118
.dll windows:4 windows x86 arch:x86

756c2cddb049fadd85387ce6c660a203

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsAlloc
lstrcpynA
GlobalFree
WritePrivateProfileStructA
WritePrivateProfileStringA
LeaveCriticalSection
GetPrivateProfileStructA
GetPrivateProfileStringA
GetPrivateProfileIntA
EnterCriticalSection
SetCurrentDirectoryA
GetCurrentDirectoryA
InitializeCriticalSection
CreateDirectoryA
GetModuleFileNameA
DeleteCriticalSection
OutputDebugStringA
VirtualAlloc
GetModuleHandleA
VirtualFree
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapReAlloc
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue
GlobalAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetProcAddress
GetStartupInfoA
WideCharToMultiByte
ExitProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
RtlUnwind
GetStdHandle
GetFileType
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
TerminateProcess
GetCurrentProcess
SetHandleCount

user32

IsWindow
EndDialog
GetWindowRect
SetWindowPos
EnableWindow
CheckDlgButton
GetDlgItemTextA
IsDlgButtonChecked
MessageBoxA
KillTimer
SetTimer
DialogBoxParamA
GetDlgItem
SendDlgItemMessageA
SetDlgItemTextA
DestroyWindow
SendMessageA
CreateDialogParamA
wsprintfA
ShowWindow

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Exports

Exports

winampDSPGetHeader2

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 421KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

756c2cddb049fadd85387ce6c660a203

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 21KB - Virtual size: 139KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 6KB - Virtual size: 5KB

.text Size: 421KB - Virtual size: 424KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 21KB - Virtual size: 139KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 421KB - Virtual size: 424KB