a3e04d7d259567dbd27217a4a9936ae8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3e04d7d259567dbd27217a4a9936ae8_JaffaCakes118
Size

320KB
MD5

a3e04d7d259567dbd27217a4a9936ae8
SHA1

7de6f470c61c857248a1406fb66537a3a61a8259
SHA256

d502d1ece7e17c08d7fd48df1205a05a176cfd2800a4536567dc65b944de26b0
SHA512

9e47dbb611a476612708a017c16186f5d8a6804d4de0bcc010ae63d60b00803f698310468326c506ecc000f83e5a13e1d4e49bde7b7b8db8fdfa7fdea7c41445
SSDEEP

6144:sIyEr1fTcAYfph1u79Ize0ZPi92PnJhU8oCacVE9XpDBDaYdx:sIneRh2Gz5ZPi9WnxacVExBos

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3e04d7d259567dbd27217a4a9936ae8_JaffaCakes118

Files

a3e04d7d259567dbd27217a4a9936ae8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4f51953d9e99579a5cc197149bedca98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mmioClose
midiOutGetDevCapsW
midiConnect
mmioOpenW
midiInReset
midiInGetNumDevs
mciDriverYield
mmioRead
mciGetDriverData
joySetCapture
midiOutOpen
GetDriverModuleHandle
waveInGetNumDevs
midiStreamOpen
midiOutGetDevCapsA
mmioDescend
joyGetNumDevs
auxGetDevCapsA
midiInStart
waveOutUnprepareHeader
mod32Message
aux32Message
mmTaskYield
mixerGetLineControlsA
mixerClose
auxGetDevCapsW
joyGetPos
midiInAddBuffer
mmioInstallIOProcA
midiStreamStop
mmioStringToFOURCCW
WOW32ResolveMultiMediaHandle
mciGetDeviceIDW
PlaySound
mmTaskBlock
waveOutSetPlaybackRate
mmDrvInstall
waveOutGetPlaybackRate
waveInReset
mixerGetLineInfoW
mmioAdvance
mmioOpenA
mixerMessage
waveInGetDevCapsW
midiOutGetErrorTextW
waveInPrepareHeader
waveOutSetVolume
timeGetSystemTime
auxOutMessage
mixerGetControlDetailsA
midiOutClose
waveOutGetVolume
midiInGetErrorTextA
CloseDriver
mmioGetInfo
waveOutGetPosition
midiInUnprepareHeader
midiInPrepareHeader
OpenDriver
mixerGetControlDetailsW
joyGetThreshold
midiStreamClose
mmioAscend
auxGetNumDevs
waveInMessage
mciSendCommandW
midiStreamRestart
NotifyCallbackData
mmioFlush
joyGetDevCapsW

kernel32

GetCurrentProcessId
FindNextFileW
GetPriorityClass
GetTickCount
EraseTape
FindVolumeMountPointClose
GetLocaleInfoW
FindFirstVolumeMountPointW
BackupWrite
CreateFileW
GetVersionExA
SetTapeParameters
CompareStringW
ExpandEnvironmentStringsW
ExitThread
LoadLibraryA
CreateDirectoryW
FileTimeToLocalFileTime
BackupRead
SetLastError
SetFilePointer
GetTapeParameters
InitializeCriticalSection
FindFirstFileW
VirtualAlloc
SystemTimeToTzSpecificLocalTime
GetLocalTime
FindNextVolumeMountPointW
GetFileAttributesW
VirtualFree
SetFileAttributesW
GetCurrentDirectoryW
GetComputerNameW
HeapFree
TerminateThread
LocalAlloc
GetCurrentProcess
GetSystemTimeAsFileTime
GetCompressedFileSizeW
EnterCriticalSection
LoadLibraryW
SetEvent
PrepareTape
HeapAlloc
SetEndOfFile
GetFileInformationByHandle
GetWindowsDirectoryW
LocalFree
FreeLibrary
BackupSeek
UnhandledExceptionFilter
FileTimeToSystemTime
FindClose
WideCharToMultiByte
CreateEventW
CloseHandle
DeleteFileW
GetLogicalDriveStringsW
VerSetConditionMask
GetTapeStatus
SetPriorityClass
RemoveDirectoryW
LeaveCriticalSection

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f51953d9e99579a5cc197149bedca98

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

Sections

.text Size: 179KB - Virtual size: 179KB

.data Size: 54KB - Virtual size: 54KB

.rsrc Size: 85KB - Virtual size: 604KB

.text
Size: 179KB - Virtual size: 179KB

.data
Size: 54KB - Virtual size: 54KB

.rsrc
Size: 85KB - Virtual size: 604KB