ac8441d9d0ca9f4349db63fde2d4e8f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac8441d9d0ca9f4349db63fde2d4e8f3_JaffaCakes118
Size

166KB
MD5

ac8441d9d0ca9f4349db63fde2d4e8f3
SHA1

b7a5c23232fb256a33b80cc3c3335d749772928e
SHA256

3df95b6318b6742ac4e40cce3790034d4e4fe0afc6d773d722fe5209faa48401
SHA512

53c1388840cc77d52640210ff37678806d8d4d0752fe62c4d23514d325e32deee243d4df51adaa37852150c9e2694fa3b7fdc4c5cf8586ccf9c5c3ffd6906115
SSDEEP

3072:DzfNn1ZUInYH8cSLz9lwT35Qbz1vbZhQRWsxsbvJqcgTUE3KOKTLeKnm+Ueezeim:vfNn1ZU2Y8cSLzTwT35gz1vbOWoss73n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac8441d9d0ca9f4349db63fde2d4e8f3_JaffaCakes118

Files

ac8441d9d0ca9f4349db63fde2d4e8f3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7e8b7a4ca5d855cbdf31d0d5476a9928

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
DeleteCriticalSection
CloseHandle
InterlockedDecrement
SetEvent
ResetEvent
CreateEventW
GetLastError
CreateFileW
GetDriveTypeW
Sleep
DeviceIoControl
DeleteFileW
CopyFileExW
InterlockedExchange
lstrlenW
lstrcpynW
lstrcmpiW
WideCharToMultiByte
MultiByteToWideChar
LockFile
CreateFileA
UnlockFile
GetDiskFreeSpaceExW
FindClose
FindFirstFileW
SetVolumeLabelW
WriteFile
SetFilePointer
CreateDirectoryA
CreateDirectoryW
GetFileAttributesW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetTickCount
CompareStringW
GetVolumeInformationW
GetFileAttributesA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
InterlockedCompareExchange
OutputDebugStringW
QueryPerformanceCounter
GetCurrentThreadId
QueryPerformanceFrequency
GetStringTypeExW

user32

wsprintfA
SendMessageA
SendNotifyMessageA
EnableWindow
GetWindowLongW
BringWindowToTop
SetWindowLongW
GetDlgItemTextW
IsDlgButtonChecked
GetDlgItem
CheckDlgButton
KillTimer
SetDlgItemTextW
SendDlgItemMessageW
ShowWindow
SetWindowPos
SetTimer
EndDialog
MessageBoxW
CharNextW
wsprintfW
SendMessageW

ole32

CoCreateGuid

tataki

??0SkinBitmap@@QAE@PAKHH_N@Z
?getBits@SkinBitmap@@UAEPAXXZ
??1SkinBitmap@@QAE@XZ
??1DCCanvas@@UAE@XZ
?stretch@SkinBitmap@@QAEXPAVifc_canvas@@HHHH@Z
??0DCCanvas@@QAE@PAUHDC__@@PAVBaseWnd@@@Z
??1BltCanvas@@UAE@XZ
?getBits@BltCanvas@@QAEPAXXZ
??0BltCanvas@@QAE@HHPAUHWND__@@H@Z
Init
Quit

msvcr90

_crt_debugger_hook
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
memcmp
??2@YAPAXI@Z
??3@YAXPAX@Z
printf
_vsnwprintf
memset
free
memcpy
malloc
wcslen
_strnicmp
fclose
fwrite
_wfopen
??_V@YAXPAX@Z
memmove_s
??_U@YAPAXI@Z
__CxxFrameHandler3
_wcsdup
_wcsicmp
_time64
rand
towupper
_purecall
wcsncpy
_wtoi
strlen
__timezone
_tzset
strstr
wcsrchr
_difftime64
fread
ftell
fseek
fopen
strtoul
_wtoi64
wcscmp
calloc
_unlink
rename
pow
_wtof
wcscpy
wcscat
_wmkdir
srand
wcschr
_wcsnicmp
fprintf
fgetws
log10
realloc
_wunlink
memmove
_i64tow
_gmtime64
wcsftime
_mkgmtime64
_wtof_l
_create_locale
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null

Exports

Exports

winampGetPMPDevicePlugin
winampUninstallPlugin

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e8b7a4ca5d855cbdf31d0d5476a9928

Headers

File Characteristics

Imports

kernel32

user32

ole32

tataki

msvcr90

Exports

Exports

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 8KB - Virtual size: 7KB