2965c4fd815bf805d806415a32e1945a_JaffaCakes118

General

Target

2965c4fd815bf805d806415a32e1945a_JaffaCakes118
Size

182KB
MD5

2965c4fd815bf805d806415a32e1945a
SHA1

c7cd295628c533af27d0dde26ad45853cea3c887
SHA256

6eaaf7a523746ede60ea519a45bdbae7caf7411ab8f5925963357ff68a5f41a3
SHA512

a6a10d2c03140fd1e6c362fc748d301fb6836619c528523c20a35745f8315d26e42258604a0632f03b07ee97e81ab3ff046a4ea16c3613e61538e963c6fb77ab
SSDEEP

3072:HfM/N1Cf906Sxf36rjZQrSG/XbPpajLIdhSonfcNeiDmEbOZ3LGGto5:HfM/N1M9bSV65Qz/NaShSofqzmE8LGGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2965c4fd815bf805d806415a32e1945a_JaffaCakes118

Files

2965c4fd815bf805d806415a32e1945a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cb3e5fdff1434717d14662d47de89586

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msacm32

acmFormatChooseA
acmFormatTagDetailsA
acmFormatDetailsA
acmStreamOpen
acmFormatSuggest
acmStreamPrepareHeader
acmStreamConvert
acmStreamClose
acmStreamUnprepareHeader

shlwapi

StrChrW
PathIsURLW

kernel32

GetPrivateProfileStringA
GetPrivateProfileStructA
MultiByteToWideChar
lstrcpyW
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
WritePrivateProfileStringA
WritePrivateProfileStructA
lstrcpynA
VirtualQuery
SetFilePointer
CloseHandle
GetFileSize
WriteFile
CreateFileW
GetPrivateProfileIntA

user32

SetWindowLongA
IsDlgButtonChecked
SendDlgItemMessageA
SetDlgItemTextA
GetWindowLongA
SendMessageA
CheckDlgButton
GetDlgItemTextA

nscrt

_purecall
_stricmp
??2@YAPAXI@Z
strchr
_vsnprintf
malloc
memset
memcpy
free
??3@YAXPAX@Z
_strdup

Exports

Exports

ConfigAudio3
CreateAudio3
FinishAudio3
FinishAudio3W
GetAudioTypes3
GetConfigItem
SetWinampHWND

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb3e5fdff1434717d14662d47de89586

Headers

DLL Characteristics

File Characteristics

Imports

msacm32

shlwapi

kernel32

user32

nscrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 20B

.rsrc Size: 173KB - Virtual size: 172KB

.reloc Size: 512B - Virtual size: 394B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 20B

.rsrc
Size: 173KB - Virtual size: 172KB

.reloc
Size: 512B - Virtual size: 394B