86d1dc5ca7324e51599ec2fc488feae8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86d1dc5ca7324e51599ec2fc488feae8_JaffaCakes118
Size

320KB
MD5

86d1dc5ca7324e51599ec2fc488feae8
SHA1

f54c18975ec9ce6f11386d19ea2ba3a202020d38
SHA256

1bd26725d6d49fa6e0b23e5d1ea8eaaa1ce0178b77ac8d58b187fd71f8dc4f52
SHA512

2b8a1f1ffa37dd23f88305518bb7fa7d372fbf371fab9caea82cac5d700a60471752f906cc9727bcd3f7766257efbc8664f966e34dc0c7f1416e95a2f805336d
SSDEEP

6144:sIyEr1fTcAYfph1u79Ize0ZPi92PnJhU8oCacVE9M5WXUtwO:sIneRh2Gz5ZPi9WnxacVEy5WSwO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86d1dc5ca7324e51599ec2fc488feae8_JaffaCakes118

Files

86d1dc5ca7324e51599ec2fc488feae8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4f51953d9e99579a5cc197149bedca98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mmioClose
midiOutGetDevCapsW
midiConnect
mmioOpenW
midiInReset
midiInGetNumDevs
mciDriverYield
mmioRead
mciGetDriverData
joySetCapture
midiOutOpen
GetDriverModuleHandle
waveInGetNumDevs
midiStreamOpen
midiOutGetDevCapsA
mmioDescend
joyGetNumDevs
auxGetDevCapsA
midiInStart
waveOutUnprepareHeader
mod32Message
aux32Message
mmTaskYield
mixerGetLineControlsA
mixerClose
auxGetDevCapsW
joyGetPos
midiInAddBuffer
mmioInstallIOProcA
midiStreamStop
mmioStringToFOURCCW
WOW32ResolveMultiMediaHandle
mciGetDeviceIDW
PlaySound
mmTaskBlock
waveOutSetPlaybackRate
mmDrvInstall
waveOutGetPlaybackRate
waveInReset
mixerGetLineInfoW
mmioAdvance
mmioOpenA
mixerMessage
waveInGetDevCapsW
midiOutGetErrorTextW
waveInPrepareHeader
waveOutSetVolume
timeGetSystemTime
auxOutMessage
mixerGetControlDetailsA
midiOutClose
waveOutGetVolume
midiInGetErrorTextA
CloseDriver
mmioGetInfo
waveOutGetPosition
midiInUnprepareHeader
midiInPrepareHeader
OpenDriver
mixerGetControlDetailsW
joyGetThreshold
midiStreamClose
mmioAscend
auxGetNumDevs
waveInMessage
mciSendCommandW
midiStreamRestart
NotifyCallbackData
mmioFlush
joyGetDevCapsW

kernel32

GetCurrentProcessId
FindNextFileW
GetPriorityClass
GetTickCount
EraseTape
FindVolumeMountPointClose
GetLocaleInfoW
FindFirstVolumeMountPointW
BackupWrite
CreateFileW
GetVersionExA
SetTapeParameters
CompareStringW
ExpandEnvironmentStringsW
ExitThread
LoadLibraryA
CreateDirectoryW
FileTimeToLocalFileTime
BackupRead
SetLastError
SetFilePointer
GetTapeParameters
InitializeCriticalSection
FindFirstFileW
VirtualAlloc
SystemTimeToTzSpecificLocalTime
GetLocalTime
FindNextVolumeMountPointW
GetFileAttributesW
VirtualFree
SetFileAttributesW
GetCurrentDirectoryW
GetComputerNameW
HeapFree
TerminateThread
LocalAlloc
GetCurrentProcess
GetSystemTimeAsFileTime
GetCompressedFileSizeW
EnterCriticalSection
LoadLibraryW
SetEvent
PrepareTape
HeapAlloc
SetEndOfFile
GetFileInformationByHandle
GetWindowsDirectoryW
LocalFree
FreeLibrary
BackupSeek
UnhandledExceptionFilter
FileTimeToSystemTime
FindClose
WideCharToMultiByte
CreateEventW
CloseHandle
DeleteFileW
GetLogicalDriveStringsW
VerSetConditionMask
GetTapeStatus
SetPriorityClass
RemoveDirectoryW
LeaveCriticalSection

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f51953d9e99579a5cc197149bedca98

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

Sections

.text Size: 179KB - Virtual size: 179KB

.data Size: 54KB - Virtual size: 54KB

.rsrc Size: 85KB - Virtual size: 604KB

.text
Size: 179KB - Virtual size: 179KB

.data
Size: 54KB - Virtual size: 54KB

.rsrc
Size: 85KB - Virtual size: 604KB