9731fbc2f1ea0edeb78d376c8a8f7e32_JaffaCakes118

General

Target

9731fbc2f1ea0edeb78d376c8a8f7e32_JaffaCakes118
Size

157KB
MD5

9731fbc2f1ea0edeb78d376c8a8f7e32
SHA1

e091fc39d39751c085ecf4466a6bd361f30fdaa2
SHA256

a1fa521d1ce2ba868635ce1d989372048233d941d485dafe093eaa17695e98ab
SHA512

321f4df8cf98129cba2e952eddb549d49a764d5233d6778d740074638471111fda9a38f9b411a0ff8ba3578156ccd95c5e12f122ac3dc7632c6ad31eef09f589
SSDEEP

3072:/f6Ju5qem9FZ9a5VYYuQ7G3BNWG4V2texaoLD26rfeNBt3x8P+:35fWcVYu78BNHI2teEov3rfAnyW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9731fbc2f1ea0edeb78d376c8a8f7e32_JaffaCakes118

Files

9731fbc2f1ea0edeb78d376c8a8f7e32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

46465f58012fd3fe89703696dfb927b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\sandbox\20071220_095411\enc_lame\Profiling\enc_lame.pdb

Imports

kernel32

VirtualQuery
GetPrivateProfileStructA
WritePrivateProfileStructA
lstrcpynA
lstrcmpiA
GetProcAddress
LoadLibraryA
lstrlenA
GetModuleFileNameA

user32

GetDlgItem
EnableWindow
SetWindowLongA
SendMessageA
SendDlgItemMessageA
SetDlgItemTextA

nscrt

memset
_purecall
malloc
free
??3@YAXPAX@Z
??2@YAPAXI@Z
memcpy
atoi
_vsnprintf

Exports

Exports

ConfigAudio3
CreateAudio3
FinishAudio3
GetAudioTypes3
GetConfigItem
PrepareToFinish
SetConfigItem
SetWinampHWND

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46465f58012fd3fe89703696dfb927b7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

nscrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 132B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 512B

.text Size: 145KB - Virtual size: 148KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 132B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 512B

.text
Size: 145KB - Virtual size: 148KB