a393752abf353f7b0d02a62388a86eec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a393752abf353f7b0d02a62388a86eec_JaffaCakes118
Size

12KB
MD5

a393752abf353f7b0d02a62388a86eec
SHA1

b17928f8170e29edb89c0539957728cc85b1116f
SHA256

91b85f63b1cb75d651c21c60b86b7fbeb578a3652f0a535f2a02bee115a4f9bb
SHA512

042b2a153fccc25b9b9c0066edf1083a62177c2fa9a4a31b936e66be7bfe8dc234e399739959f1b4acd1cfe5566bd4ac28b0b3e75b524f90bc528d6b8872081e
SSDEEP

192:2zsNp6SoU/JK9HRBx2Y1NG4sLZc0Uc7lTbj2sPfFLM2rnnH31YDbsiCxrE4i3Vuh:QsjBK9B2YLWZc0UWTbSqLh6XC1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Crack/winamp_V5.xx_Patch.exe

Files

a393752abf353f7b0d02a62388a86eec_JaffaCakes118
.zip
Crack/winamp_V5.xx_Patch.exe
.exe windows:1 windows x86 arch:x86

fb77b7a0d209cf836640054dcaea3abd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetCapture
EndPaint
GetClientRect
GetClassInfoExA
EnumThreadWindows
GetDlgItem
RedrawWindow
GetDC
SendMessageA
GetClassNameA
FillRect
InsertMenuItemA
GetSysColorBrush
GetFocus
DrawEdge
SetWindowLongA
SetWindowTextA
ShowWindow
SetDlgItemTextA
SetCapture
SendDlgItemMessageA
RegisterClassExA
GetDlgCtrlID
MessageBoxA
IsWindowEnabled
IsDialogMessageA
GetWindowLongA
GetSystemMenu
GetSysColor
GetMessageA
DrawStateA
DrawIconEx
DrawTextA
DrawFocusRect
TranslateMessage
DispatchMessageA
SystemParametersInfoA
BeginPaint
CallWindowProcA
CheckDlgButton
CreateDialogIndirectParamA
CreateDialogParamA
DefWindowProcA
DialogBoxParamA
ReleaseDC
ReleaseCapture
LoadIconA
GetWindowTextA
EnableMenuItem
PostQuitMessage
LoadCursorA
EnableWindow
EndDialog

gdi32

SetBkMode
SetBkColor
SelectObject
CreateSolidBrush
CreateDIBitmap
CreateFontIndirectA
DeleteObject
SetTextColor

kernel32

UnmapViewOfFile
TerminateProcess
GetTempPathA
SuspendThread
Sleep
GetTempFileNameA
ExitProcess
SetLastError
SetFilePointer
GetModuleHandleA
DeleteFileA
CloseHandle
SetFileAttributesA
GetModuleFileNameA
ResumeThread
CreateFileA
ReadProcessMemory
MapViewOfFile
GetLastError
LocalFree
GlobalFree
GetFileSize
CreateProcessA
lstrlen
GlobalAlloc
lstrcpy
lstrcat
GetWindowsDirectoryA
GetCommandLineA
WriteProcessMemory
WriteFile
GetTickCount
WaitForSingleObject
VirtualProtectEx
GetThreadContext
FormatMessageA
CreateFileMappingA
CopyFileA

shell32

ShellExecuteA
DragQueryFileA
DragFinish
DragAcceptFiles

comdlg32

GetOpenFileNameA

Sections

CODE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crk
Size: 873B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
file_id.diz
lucid.nfo

Sharing

General

Malware Config

Signatures

Files

fb77b7a0d209cf836640054dcaea3abd

Headers

File Characteristics

Imports

user32

gdi32

kernel32

shell32

comdlg32

Sections

CODE Size: 8KB - Virtual size: 8KB

DATA Size: 1KB - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 8KB

.crk Size: 873B - Virtual size: 4KB

CODE
Size: 8KB - Virtual size: 8KB

DATA
Size: 1KB - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 8KB

.crk
Size: 873B - Virtual size: 4KB