2b3d777ec5d2833fce79c50878737e87_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b3d777ec5d2833fce79c50878737e87_JaffaCakes118
Size

195KB
MD5

2b3d777ec5d2833fce79c50878737e87
SHA1

912a5a7361771f8642f763d6ffa9c9b0daedfe9c
SHA256

274a0ff3350de8b06d62b9077144595ca5e292273a0731384e5e21e021db570c
SHA512

62a5aceeb32d490a725f4876107030a310ad3cfe0d6ae6437b8dca89771fa4f4727519d4b4d2cf0240e344a2af77b5f08d95944b305e63c68322765e910dc54e
SSDEEP

3072:VgfdCPbLMWq9uAiXVYvJ2noRa7mofHn6g5S1cHr6b27OKOD2tNDrw1GLw1zvKjU3:V2oPbLaV02R2oRKHHk127OKOj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b3d777ec5d2833fce79c50878737e87_JaffaCakes118

Files

2b3d777ec5d2833fce79c50878737e87_JaffaCakes118
.dll windows:5 windows x86 arch:x86

bea1d0bd6158e15e2eaaa28ecc6455dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrToIntW
StrChrW
PathRemoveFileSpecA
PathCommonPrefixA
PathAddBackslashA
PathCombineA
PathIsSameRootA
PathRemoveExtensionW
PathRemoveBlanksW
StrFormatByteSizeW
PathFindFileNameW
PathStripToRootW
PathFindNextComponentW
PathGetDriveNumberW
PathQuoteSpacesW
PathUnquoteSpacesW
SHStrDupW
PathAddBackslashW
PathIsURLW
PathFindExtensionW
PathCombineW
PathIsUNCA

comctl32

ImageList_Draw

winmm

mciSendCommandW

kernel32

GlobalFree
lstrlenA
lstrcmpiA
lstrlenW
lstrcmpiW
lstrcpynW
GetCurrentDirectoryW
GlobalAlloc
Sleep
GetShortPathNameW
CreateDirectoryA
CreateDirectoryW
MulDiv
QueueUserAPC
CopyFileW
DeleteFileA
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
CompareStringW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
GetLastError
GetFileSizeEx
CreateFileW
CloseHandle
GetTempPathA
GetFileAttributesW
SetLastError
DeleteFileW
InterlockedDecrement
GetDiskFreeSpaceExW
MoveFileExW
CopyFileExW
CreateThread
LocalFree
FormatMessageW
GetTimeFormatW
GetDateFormatW
FileTimeToSystemTime
GetFileInformationByHandle
TerminateThread
WaitForSingleObject
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
SetErrorMode
WaitForMultipleObjectsEx
GetCurrentThreadId
SetThreadPriority
GetCurrentThread
SleepEx
QueryPerformanceFrequency
DeviceIoControl
QueryPerformanceCounter
QueryDosDeviceW
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetDriveTypeA
GetLogicalDrives
lstrcpyA
GetVolumeInformationA
WritePrivateProfileStringA
WaitForSingleObjectEx
CreateEventW
SetEvent
lstrcpyW
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
InterlockedCompareExchange
RaiseException
LoadLibraryA
InterlockedExchange
LocalAlloc
GetTempFileNameA
FindFirstFileW
lstrcmpW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
lstrcpynA
lstrcmpA
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
SetUnhandledExceptionFilter
IsDebuggerPresent
SetFileAttributesW

user32

SendMessageA
SetDlgItemInt
SetDlgItemTextA
GetDlgCtrlID
IsWindowEnabled
InsertMenuItemW
DeleteMenu
IsWindowVisible
GetWindowTextLengthW
LoadIconW
FlashWindowEx
MessageBeep
SetForegroundWindow
wsprintfA
CopyAcceleratorTableW
MapVirtualKeyW
GetKeyNameTextW
RegisterWindowMessageW
SetMenuItemInfoW
MapWindowPoints
CopyRect
GetWindowTextW
BeginPaint
IntersectRect
ValidateRect
EndPaint
CallWindowProcW
GetSystemMetrics
IsCharLowerW
IsCharUpperW
CharUpperBuffW
CharLowerBuffW
RegisterClassW
CreateWindowExW
DefWindowProcW
MsgWaitForMultipleObjectsEx
PostQuitMessage
GetClassInfoW
SendMessageW
DrawTextW
GetDlgItemTextW
SetDlgItemTextW
CharNextW
EndDialog
UnregisterClassW
PostThreadMessageW
GetFocus
DrawFocusRect
GetDC
FillRect
OffsetRect
SetRect
GetWindowLongW
GetAncestor
RedrawWindow
EnumChildWindows
GetDCEx
ReleaseDC
RemovePropW
SetWindowLongW
InflateRect
InvalidateRect
BeginDeferWindowPos
GetMenuItemCount
DeferWindowPos
EndDeferWindowPos
SetWindowPos
GetMenuItemInfoW
SetPropW
RegisterWindowMessageA
SendNotifyMessageW
CharUpperW
CharLowerW
CharNextA
GetSubMenu
GetWindowRect
CheckMenuItem
PeekMessageW
GetAsyncKeyState
GetCursorPos
SetCapture
GetClientRect
ClientToScreen
ScreenToClient
GetCapture
ReleaseCapture
EnableWindow
LoadImageW
UpdateWindow
PostMessageW
SendDlgItemMessageW
IsDlgButtonChecked
ShowWindow
SetWindowTextW
CheckDlgButton
MessageBoxW
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
SetTimer
KillTimer
GetDlgItem
GetParent
GetWindowThreadProcessId
FindWindowExW
GetPropW
CharPrevW
CharPrevA
GetSysColor

gdi32

GetObjectW
CreateFontIndirectW
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetStockObject
StretchBlt
SelectClipRgn
CombineRgn
CreateRectRgn
SetBkColor
GetPixel
CreateBitmap
DeleteObject
LineTo
MoveToEx
SelectObject
CreatePen
SetTextColor
SetBkMode
GetBkColor
GetTextColor
ExcludeClipRect
ExtTextOutW
GetDeviceCaps
CreateFontW
GetTextExtentPoint32W
GetTextMetricsW

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyW
RegCloseKey
RegQueryValueExW

shell32

DragQueryFileA
SHGetMalloc
SHBrowseForFolderW
SHGetFolderPathW
SHGetPathFromIDListW
DragFinish
ShellExecuteW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
CoInitializeEx

oleaut32

SysFreeString

msvcr90

_lock
_encode_pointer
__dllonexit
_unlock
strchr
calloc
tolower
wcscpy
strcpy
wcschr
memmove
realloc
_strdup
_wfopen
_wcsdup
_wcsicmp
_wcsnicmp
_stricmp
_strnicmp
??2@YAPAXI@Z
memcpy
_wtoi
fopen
fprintf
fclose
??_U@YAPAXI@Z
??3@YAXPAX@Z
??_V@YAXPAX@Z
__CxxFrameHandler3
wcsncpy
strlen
wcslen
atoi
memset
memcmp
toupper
_crt_debugger_hook
_vsnwprintf
_vsnprintf
_purecall
malloc
free
wcsstr
strstr
__clean_type_info_names_internal
_unlink
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm

Exports

Exports

winampGetMediaLibraryPlugin

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bea1d0bd6158e15e2eaaa28ecc6455dd

Headers

File Characteristics

Imports

shlwapi

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcr90

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 8KB

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 8KB

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 11KB - Virtual size: 10KB