bb3399ecd46f44bb8056d74bc64201a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb3399ecd46f44bb8056d74bc64201a0_JaffaCakes118
Size

290KB
MD5

bb3399ecd46f44bb8056d74bc64201a0
SHA1

f3256fb03f5d2630472ba456f23ab22f04fa37ad
SHA256

67d9b22d9b1a83d0d13a982f24a15711d4b97aab28134a1ac6dd2745d8e25c6c
SHA512

e4ca7276b65635537befe5487375b78cee5d2a81bb57082566ebccde4264e7c8035e72a263664310c28cb967b1c317946db5f5201e84bfc1a63a3530e6a9e47c
SSDEEP

6144:8fAxVkm0yQ/G7G6R0orMpbeamYRzLsC4:8f6kijvF0bWY9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb3399ecd46f44bb8056d74bc64201a0_JaffaCakes118

Files

bb3399ecd46f44bb8056d74bc64201a0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6860c7a84afe492062b18b3283940fae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
WritePrivateProfileStringA
LeaveCriticalSection
EnterCriticalSection
SetFileTime
GetFileTime
GetCurrentProcessId
GetTempPathA
GetTempPathW
GetFileSize
GetDiskFreeSpaceA
GetLastError
InitializeCriticalSection
GetPrivateProfileStringA
DeleteCriticalSection
ResumeThread
SetThreadPriority
TerminateThread
DisableThreadLibraryCalls
DeleteFileA
DeleteFileW
MoveFileA
MoveFileW
CopyFileA
CopyFileW
SetFileAttributesA
SetFileAttributesW
GetModuleHandleA
SetFilePointer
MultiByteToWideChar
MulDiv
GetTickCount
CreateThread
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileW
FindFirstFileW
FindNextFileW
WideCharToMultiByte
FindClose
GetLocalTime
WriteFile
ReadFile
GetModuleFileNameA
CreateFileA
GetVersionExA
CloseHandle

user32

SendMessageA
GetWindowTextA
wsprintfA
DialogBoxParamA
RegisterClassA
LoadCursorA
DefWindowProcA
ReleaseDC
DrawEdge
GetWindowTextLengthW
SetWindowTextW
GetClientRect
GetDC
LoadBitmapA
SetTimer
KillTimer
RedrawWindow
SetDlgItemTextA
GetParent
SetWindowLongA
GetWindowLongA
SetWindowTextA
EndDialog
GetWindowTextLengthA
DialogBoxParamW
CreateDialogParamW
CreateDialogParamA
IsWindowEnabled
GetMessageA
CreateWindowExA
SendMessageW
EnableWindow
GetSystemMetrics
GetWindowRect
DestroyWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetActiveWindow
SetDlgItemTextW
GetDlgItemTextA
SetWindowPos
ShowWindow
PostMessageA
GetDlgItemInt
SetDlgItemInt
MessageBoxA
SendDlgItemMessageA
GetDlgItem
GetWindowTextW

gdi32

CreateFontIndirectA
GetStockObject
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
SetTextColor
SetBkMode
SetTextAlign
DeleteObject
DeleteDC
TextOutA

comdlg32

ChooseFontA

advapi32

RegSetValueExW
RegQueryValueExW
RegCreateKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

msvcrt

wcstol
_strnicmp
_strdup
_wcsnicmp
_wcsdup
_wcsicmp
_stricmp
_adjust_fdiv
_initterm
_onexit
__dllonexit
frexp
cos
sin
exit
ldexp
fabs
qsort
sqrt
ceil
log
floor
exp
atan
memchr
memmove
strcmp
sprintf
calloc
rand
_ftol
tanh
atof
pow
wcscmp
memcmp
_errno
vswprintf
vsprintf
_purecall
abs
atoi
strstr
strcat
time
strncpy
memset
memcpy
strncmp
strcpy
strrchr
strlen
realloc
malloc
??2@YAPAXI@Z
free
wcslen
_itoa
toupper
tolower
iswalnum
swprintf
wcsstr
??3@YAXPAX@Z
__CxxFrameHandler
strchr

Exports

Exports

winampGetExtendedFileInfo
winampGetInModule2
winampSetExtendedFileInfo
winampWriteExtendedFileInfo

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6860c7a84afe492062b18b3283940fae

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 67KB - Virtual size: 71KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 7KB - Virtual size: 6KB

.rmnet Size: 64KB - Virtual size: 64KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 67KB - Virtual size: 71KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 7KB - Virtual size: 6KB

.rmnet
Size: 64KB - Virtual size: 64KB