3de15d5ec9e8d48384a4ed4368f23d78_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3de15d5ec9e8d48384a4ed4368f23d78_JaffaCakes118
Size

25KB
MD5

3de15d5ec9e8d48384a4ed4368f23d78
SHA1

7cdb693ace80686aadcf46318eb4e6b95a63e964
SHA256

04ce30bb13709340aa9a821f1ef6502be3ffd55bc5b02eb802c5ad843a324581
SHA512

20ab68d9d7446096574f8dcbc3307e633f95ee5e569f5a016b5ca4a7f783a88fbc89445261b9fcbefff9abeff4a0a15bff064e9dd73cd184882c1de7be6e3604
SSDEEP

384:/eNOKAOd8OYXwRRGnOShaCj8owM+Si3AYDs1brD1+n0t4OE7WnZ:/TKAQ8pAOOSECj8k1bS0t5iW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3de15d5ec9e8d48384a4ed4368f23d78_JaffaCakes118

Files

3de15d5ec9e8d48384a4ed4368f23d78_JaffaCakes118
.dll windows:5 windows x86 arch:x86

71bafdd8bbecf050d70861bd16f3f829

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsW
StrStrIW

kernel32

DisableThreadLibraryCalls
VirtualAllocEx
GetProcAddress
lstrcmpiW
FindNextFileW
CloseHandle
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetModuleFileNameW
lstrcpynW
GetVersionExW
ReadProcessMemory
VirtualFreeEx
OpenProcess
GetPrivateProfileStringW
GetModuleHandleW
GetCurrentProcess
FindFirstFileW
FindClose

user32

GetClassNameW
SetWindowLongA
CreateIcon
LoadIconW
GetDC
GetIconInfo
CreateIconIndirect
SetPropW
PtInRect
SetFocus
FindWindowW
CharPrevW
LoadCursorW
SetForegroundWindow
GetKeyState
DrawTextW
LoadImageW
RegisterWindowMessageW
SetActiveWindow
GetWindowRect
SetCursor
IsWindowUnicode
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
GetCursorPos
CheckDlgButton
EnumChildWindows
IsDlgButtonChecked
IsWindow
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
MapWindowPoints
EnableWindow
SetWindowTextW
DestroyIcon
GetPropW
CallWindowProcW
CopyRect
GetWindowThreadProcessId
ReleaseDC

gdi32

GetCurrentObject
StretchBlt
SetStretchBltMode
DeleteDC
SetTextColor
CreateFontIndirectW
GetObjectW
GetPixel
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetPixel

comdlg32

GetOpenFileNameW

shell32

Shell_NotifyIconW

msvcr90

_vsnwprintf
_vsnprintf
memset

Exports

Exports

winampGetGeneralPurposePlugin
winampUninstallPlugin

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71bafdd8bbecf050d70861bd16f3f829

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

shell32

msvcr90

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB