602911382683dfd6d644cbf52afb8357_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

602911382683dfd6d644cbf52afb8357_JaffaCakes118
Size

120KB
MD5

602911382683dfd6d644cbf52afb8357
SHA1

d515aa2cedde06482c0416e8bdc0d7d4da0c6c92
SHA256

580a75b7a2ce3e9cae6cbb3bdaebd4bb605d9d622da0380cc7f980b4d4974867
SHA512

391b4528cf81d56218d4d42c99eeecf24312f552153f25b50061e141bf13ad1fd34c95aeeb3e837452599bc266725a254c7d871a45db9ae63d3bb453392176bc
SSDEEP

3072:PNPOLRlJrouG0jkH8cfulafTsMGp6zuUBrdCig:PwlmXmlaLsMGnUBo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
602911382683dfd6d644cbf52afb8357_JaffaCakes118

Files

602911382683dfd6d644cbf52afb8357_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1403188ffdf3e5187744b414b2dad6ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mciseq.pdb

Imports

ntdll

wcsncpy
wcslen

user32

PostThreadMessageW
GetMessageW
DispatchMessageW
FindWindowW
BringWindowToTop
GetDesktopWindow
LoadStringW

kernel32

LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
WaitForSingleObject
CloseHandle
LocalFree
LocalLock
LocalAlloc
GlobalFree
DisableThreadLibraryCalls
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalAlloc
MulDiv
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep

winmm

timeKillEvent
timeSetEvent
mciSetDriverData
midiOutGetNumDevs
mciDriverYield
mmioSeek
mmioDescend
mmioOpenW
mmioClose
mmioRead
mmGetCurrentTask
mciDriverNotify
mciGetDriverData
mmTaskCreate
mmioAscend
DefDriverProc
timeGetDevCaps
midiOutShortMsg
midiOutLongMsg
timeGetTime
timeEndPeriod
midiOutCacheDrumPatches
midiOutCachePatches
midiOutUnprepareHeader
timeBeginPeriod
midiOutPrepareHeader
midiOutClose
midiOutOpen

Exports

Exports

DriverProc

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1403188ffdf3e5187744b414b2dad6ab

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

user32

kernel32

winmm

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 99KB - Virtual size: 99KB

.reloc Size: 1024B - Virtual size: 664B

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 99KB - Virtual size: 99KB

.reloc
Size: 1024B - Virtual size: 664B