a0c3c47a70036fd78d0c4b645545304b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0c3c47a70036fd78d0c4b645545304b_JaffaCakes118
Size

208KB
MD5

a0c3c47a70036fd78d0c4b645545304b
SHA1

a76143ee20c886bec52f03f6c5b15f44716c6868
SHA256

46dac3ebc1d2b4922533ab55536a811bd517724097a7dfdd5b061c54cafd8aa1
SHA512

f4720f97d8c83f822d691607a0a20e8ae79b2d4270c365f0f18d4af13be3d775caff12b6bbd80d5823258bef2815a6f006048e44e9fedde75f33490cf2768881
SSDEEP

3072:1YFvh7r4UqnrG2b72tkmjxXKhdK3U6j4maD1OxDUkZIueJOzidr4cHf:Cxh7kUqLUM8jvaDExDUkZAwOEc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0c3c47a70036fd78d0c4b645545304b_JaffaCakes118

Files

a0c3c47a70036fd78d0c4b645545304b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

24ece55444dae46d2d83bc8b1a0ca800

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mciSendCommandA
midiOutGetNumDevs
PlaySoundA
waveOutGetNumDevs

kernel32

lstrcatA
GetVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
GlobalDeleteAtom
SetErrorMode
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
SetLastError
GetProcessVersion
lstrcmpA
LocalReAlloc
TlsGetValue
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
CreateThread
ExitThread
HeapAlloc
HeapFree
RaiseException
HeapSize
GetTimeZoneInformation
GlobalFlags
GlobalAlloc
EnterCriticalSection
TlsSetValue
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
Sleep
Beep
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
LoadLibraryA
GetProcAddress
FlushFileBuffers
SetFilePointer
WriteFile
GetVersionExA
GetCurrentProcess
WideCharToMultiByte
LocalFree
MultiByteToWideChar
lstrlenA
InterlockedDecrement
GetCurrentThreadId
CreateEventA
SuspendThread
SetEvent
SetThreadPriority
ResumeThread
WaitForSingleObject
CloseHandle
FindFirstFileA
GetLastError
FindClose
lstrcpynA
HeapReAlloc
ExitProcess
GetACP

comctl32

ord17

user32

EnableWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
ShowWindow
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
LoadStringA
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
UnregisterClassA
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
SendMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
LoadBitmapA
GetMenuCheckMarkDimensions

gdi32

SetBkColor
DeleteObject
DeleteDC
GetDeviceCaps
SaveDC
RestoreDC
GetStockObject
SelectObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
SetTextColor
GetObjectA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

Exports

Exports

??0CSound@@QAE@XZ
??4CSound@@QAEAAV0@ABV0@@Z
?AllStop@CSound@@QAEXXZ
?IsPlay@CSound@@QAEHXZ
?PlayBeep@CSound@@QAEHH@Z
?PlayFile@CSound@@QAEHPBDH@Z
?WaveStop@CSound@@QAEHXZ

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

24ece55444dae46d2d83bc8b1a0ca800

Headers

File Characteristics

Imports

winmm

kernel32

comctl32

user32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 18KB

.reloc Size: 12KB - Virtual size: 9KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 18KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 108KB - Virtual size: 108KB