96c924928b282d93a4e4d64a09ae9487_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96c924928b282d93a4e4d64a09ae9487_JaffaCakes118
Size

67KB
MD5

96c924928b282d93a4e4d64a09ae9487
SHA1

2a8bddf188064a9569d07256e5aeb6debdc65189
SHA256

d12a3230f54d4aa6136eb4ce6916e55e6a2d86cfc30b564d2b264b8c1ba361a7
SHA512

2755e94680470a53250ed7ff03523b5371de9625811e1e4634354c6af3d1ac37104e31dfbba8433aba5c6a7522acb4b1db95f77167df0f0895ba748fc97bea26
SSDEEP

1536:qfUZEHDb1SXq2x1wwb7ehe+qA0L6sx3JJMLADSFJAK8PQV7q:zCDb1SX2wOheNL7vSF8Pm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96c924928b282d93a4e4d64a09ae9487_JaffaCakes118

Files

96c924928b282d93a4e4d64a09ae9487_JaffaCakes118
.dll windows:4 windows x86 arch:x86

12ab58b1abad2bcf002b229ca60eb4e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindExtensionA

kernel32

CreateFileA
GetFileSize
SetFilePointer
WriteFile
LeaveCriticalSection
MulDiv
ReadFile
lstrcmpiA
EnterCriticalSection
MoveFileA
CloseHandle
DeleteFileA
WaitForSingleObject
GetTickCount
GetTempPathA
TerminateThread
Sleep
SetThreadPriority
CompareStringA
DeleteCriticalSection
CreateThread
QueryPerformanceCounter
QueryPerformanceFrequency
GetLastError
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
FindNextFileA
DisableThreadLibraryCalls
LoadLibraryA
FindClose
GetProcAddress
FindFirstFileA
CreateDirectoryA
FreeLibrary
lstrcpynA
InitializeCriticalSection
GetModuleFileNameA

user32

DrawTextA
GetDC
TranslateMessage
GetAsyncKeyState
PeekMessageA
ReleaseDC
SendMessageTimeoutA
DispatchMessageA
LoadImageA
SetTimer
SendDlgItemMessageA
KillTimer
GetParent
MessageBoxA
GetDlgItem
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
wsprintfA
SendMessageA
SetDlgItemInt
EndDialog
CheckDlgButton
IsDlgButtonChecked
PostMessageA

gdi32

TextOutA
SelectObject
DeleteObject
SetBkMode
CreateDIBSection
DeleteDC
SetTextColor
BitBlt
CreateCompatibleDC

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

nscrt

sin
fabs
_vsnprintf
rand
cos
strncmp
sqrt
atan2
realloc
strcmp
memset
atoi
strchr
strstr
sprintf
atof
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
_strnicmp
_strdup
free
_stricmp
__CxxFrameHandler
strlen
strcpy
memcpy
_purecall
strcat
malloc

Exports

Exports

winampGetExtendedFileInfo
winampGetInModule2
winampSetExtendedFileInfo
winampWriteExtendedFileInfo

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 226KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12ab58b1abad2bcf002b229ca60eb4e5

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

nscrt

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 20KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 226KB - Virtual size: 228KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 20KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 226KB - Virtual size: 228KB