3b51bd99d42fcc7f5501550d69f95011_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b51bd99d42fcc7f5501550d69f95011_JaffaCakes118
Size

198KB
MD5

3b51bd99d42fcc7f5501550d69f95011
SHA1

2ba487a5b8118824f7ef3fb27830bf61982ce7c0
SHA256

905c2a192bc5a927d433c84bda0d642a4d2d3204cb7b576a11b7f6543e550013
SHA512

31bd36b99fda1d88a45eec5afd54dfa75b00b9f6c87cd19333ef6826f13c8e0bcb877bdecc32d25922071d2cca2137c14c87d8f75899856b172d31f14be760de
SSDEEP

6144:UTUyu+Wxh2FAUTaX/AmNM8uXup74KxEWtEKR6qYN:/a1T8/AH8QEEWtETv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b51bd99d42fcc7f5501550d69f95011_JaffaCakes118

Files

3b51bd99d42fcc7f5501550d69f95011_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c03854bb2b145b6e25900077b54b8282

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathCompactPathW

kernel32

lstrcpynW
lstrlenW
MultiByteToWideChar
ExitProcess
QueryPerformanceCounter
GetTickCount
LocalFree
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId

user32

EndDialog
ShowWindow
GetClientRect
GetDC
ReleaseDC
GetDlgItem
EnableWindow
SetTimer
MessageBoxW
GetWindowLongW
SendDlgItemMessageW
GetParent
KillTimer
SetWindowLongW
SendMessageW
SetWindowPos
wsprintfA
SetDlgItemTextW

gdi32

SelectObject
CreateCompatibleDC
DeleteDC
DeleteObject

ole32

CoCreateInstance
OleRun

oleaut32

SysFreeString

nscrt

_wcsicmp
_onexit
__dllonexit
__CppXcptFilter
_adjust_fdiv
_initterm
_except_handler3
__security_error_handler
_wcsdup
_CxxThrowException
??1type_info@@UAE@XZ
malloc
wcscmp
_itow
memcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
wcslen
strlen
free
?terminate@@YAXXZ
memcpy

Exports

Exports

winampGetMediaLibraryPlugin
winampUninstallPlugin

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c03854bb2b145b6e25900077b54b8282

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

ole32

oleaut32

nscrt

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 476B

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 476B

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB