2ef2f4c5d5bee805d5e14dc137ad689e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ef2f4c5d5bee805d5e14dc137ad689e_JaffaCakes118
Size

303KB
MD5

2ef2f4c5d5bee805d5e14dc137ad689e
SHA1

906db1f06716b983bd1d8ce02b94fc727e52d07f
SHA256

a533360ff1cc457570e10ab47b3cf24d2f652a35dcb9cca1019b3db56a9625c2
SHA512

13df9768b018b0e70ca0fe073fa8346fda1f3936a7fa7fe345beec751aa7828ee6b2a2a8e661c8d2c5bc7b34a10d28f8d276b04332fe5e59dd0772e28ebced93
SSDEEP

6144:z6DwqI38fpo4ISXF+FnvSVQMSeNsqum2xXe/0SNlhydx1Ids:z6DwXOpsSXFOnaeM9om2S0SDMdxKC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ef2f4c5d5bee805d5e14dc137ad689e_JaffaCakes118

Files

2ef2f4c5d5bee805d5e14dc137ad689e_JaffaCakes118
.exe windows:9 windows x86 arch:x86

d595faaed0b33c909b784879e9445010

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

aux32Message
DrvGetModuleHandle
mciFreeCommandResource
mmDrvInstall
mciSendStringA
mixerSetControlDetails
joyGetDevCapsW
timeEndPeriod
auxGetNumDevs
waveOutSetVolume
waveOutGetDevCapsW
mmioAdvance
mmsystemGetVersion
midiStreamStop
timeKillEvent
mmioOpenW
mmioInstallIOProcA
mciSendCommandA
midiStreamClose
waveOutMessage
mixerMessage
waveInOpen
midiOutGetDevCapsW
midiStreamPause
mxd32Message
OpenDriver
midiStreamRestart
mciSetYieldProc
mod32Message
NotifyCallbackData
joySetThreshold
midiOutGetDevCapsA
midiStreamOut
waveInPrepareHeader
mixerGetID
mciDriverYield
waveOutRestart
mmioOpenA
mmTaskYield
auxOutMessage
joyGetThreshold
waveInMessage
waveInGetErrorTextW
joySetCapture
midiOutReset
midiInUnprepareHeader
mmioGetInfo
joyGetDevCapsA
midiOutCacheDrumPatches
mixerGetLineControlsA
WOW32DriverCallback
waveInUnprepareHeader
mciExecute
mciDriverNotify
mmioCreateChunk
mmioSeek
midiOutMessage
waveInReset
mmioSetBuffer
waveInGetNumDevs
mciGetDeviceIDFromElementIDA
joy32Message
midiOutLongMsg
waveInGetErrorTextA
wod32Message
DriverCallback
sndPlaySoundW
midiInStop
midiConnect
waveInStart
mmTaskSignal
waveInGetID
mciSendCommandW
waveInAddBuffer
mixerGetLineInfoW
mixerGetControlDetailsA
midiOutClose
midiInPrepareHeader
CloseDriver
mciSendStringW
midiInGetID
midiOutGetErrorTextW
mmioClose
midiInAddBuffer
joyGetNumDevs
mciGetErrorStringA
wid32Message
mixerOpen
mixerGetDevCapsW
midiInMessage
mmioWrite
waveInStop
waveOutSetPitch

kernel32

SetPriorityClass
GetLocalTime
GetCurrentDirectoryW
FreeLibrary
InitializeCriticalSection
DeleteFileW
GetVersionExA
WriteTapemark
FlushFileBuffers
GetCurrentThreadId
FindNextVolumeMountPointW
MultiByteToWideChar
TerminateProcess
VirtualAlloc
GetPrivateProfileStringW
CreateFileW
SetFileShortNameW
FindFirstFileW
LoadLibraryW
Sleep
FormatMessageW
CreateEventW
ReleaseSemaphore
LocalFree
BackupRead
SystemTimeToFileTime
GetNumberFormatW
GetTapePosition
GetFileSize
EnterCriticalSection
CreateDirectoryW
GetStartupInfoW
FindClose
CreateSemaphoreW
CloseHandle
WriteFile
GetComputerNameW
CreateProcessW
LeaveCriticalSection
CloseHandle
ExpandEnvironmentStringsW
LocalAlloc
GetPriorityClass
SetFileTime
GetLocaleInfoW
GetVolumeNameForVolumeMountPointW
GetTimeFormatW
CreateMutexW
SetErrorMode
VirtualFree
SetEvent
GetTickCount
FindVolumeMountPointClose
GetTimeZoneInformation
SetLastError
ReleaseMutex
TerminateThread
LocalFileTimeToFileTime
GetWindowsDirectoryW
SetTapePosition
SetFileAttributesW
GetVersionExW
FindFirstVolumeMountPointW
LoadLibraryA
DeleteCriticalSection

advpack

TranslateInfString
RegSaveRestoreOnINF
FileSaveRestoreOnINF
LaunchINFSectionEx
RegInstall
AddDelBackupEntry
NeedReboot
LaunchINFSection
UserInstStubWrapper
TranslateInfStringEx
RegRestoreAll
FileSaveRestore
NeedRebootInit
DoInfInstall
OpenINFEngine

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d595faaed0b33c909b784879e9445010

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

advpack

Sections

.text Size: 178KB - Virtual size: 178KB

.data Size: 51KB - Virtual size: 51KB

.rsrc Size: 72KB - Virtual size: 552KB

.text
Size: 178KB - Virtual size: 178KB

.data
Size: 51KB - Virtual size: 51KB

.rsrc
Size: 72KB - Virtual size: 552KB