d6dfd6a3f9df3bfa80d9bd65d3e7b19c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6dfd6a3f9df3bfa80d9bd65d3e7b19c_JaffaCakes118
Size

263KB
MD5

d6dfd6a3f9df3bfa80d9bd65d3e7b19c
SHA1

c18398cbaf603bff9a1cfdba89b631e7a5fe1966
SHA256

5c78c158d3b0b73da6ce1ee2e7c28d6f902beb5e49ba9da9fa3b4dacc9a984ac
SHA512

b61f1f97563d5d42ed2ed55b4254247a4034b60debaa711682d7def5304add8006ecfcfa3eee85109a928b43e1d2dbcda9c191162caf2dc76dfa238a8f623d07
SSDEEP

3072:5MEViFP9U3H0rNOYV2e94HeDYSet9tWvT7E+mt4NTl68x7JFL09liT+AwKg7Zca9:g8YUe94+M15+ZNp68xv09lrAbC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6dfd6a3f9df3bfa80d9bd65d3e7b19c_JaffaCakes118

Files

d6dfd6a3f9df3bfa80d9bd65d3e7b19c_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

4cd5bcd4603bac98556faa6d5ffd4ceb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dpvoice.pdb

Imports

msvcrt

_ftol
fopen
vfprintf
fputs
_vsnprintf
fflush
fclose
_CIpow
wcscat
wcsncpy
wcslen
_wcsnicmp
srand
swprintf
_onexit
__dllonexit
?terminate@@YAXXZ
_adjust_fdiv
malloc
_initterm
free
_except_handler3
_beginthreadex
_endthreadex
sprintf
_purecall
wcscpy
wcsncat
__CxxFrameHandler

kernel32

CreateThread
CreateEventW
CreateSemaphoreW
GetSystemInfo
IsBadWritePtr
Sleep
IsBadReadPtr
ResetEvent
InterlockedExchange
ProcessIdToSessionId
GetCurrentProcessId
FreeLibrary
GetProcAddress
LoadLibraryW
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
SetThreadPriority
GetModuleHandleW
GetVersionExW
lstrcpyW
lstrlenW
WideCharToMultiByte
GetProfileIntA
WaitForSingleObject
HeapFree
GetProcessHeap
HeapAlloc
DeleteCriticalSection
GetTickCount
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
SetEvent
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
GetModuleFileNameW
lstrcpynW
GetWindowsDirectoryW
GetModuleHandleA
SetLastError
ReleaseMutex
CreateFileMappingW
CloseHandle
GetLastError
MapViewOfFile
UnmapViewOfFile
LoadLibraryA
CreateMutexW
TerminateThread
GetExitCodeThread
GetSystemDirectoryW
GetExitCodeProcess
CreateProcessW

user32

LoadCursorW
GetSysColorBrush
RegisterClassW
SendDlgItemMessageW
MessageBoxW
LoadStringW
LoadIconW
InvalidateRgn
EndDialog
GetDlgItem
GetParent
DialogBoxParamW
EnableWindow
GetWindowLongW
UnregisterClassW
EndPaint
BeginPaint
GetClientRect
DefWindowProcW
IsWindow
SetWindowPos
GetClassNameW
GetWindowThreadProcessId
SetForegroundWindow
GetSystemMetrics
GetWindowRect
EnumWindows
SendMessageW
ReleaseDC
GetDC
SystemParametersInfoW
SetWindowLongW
PostMessageW

winmm

waveOutGetDevCapsA
waveInGetDevCapsA
mixerGetControlDetailsW
mixerGetLineControlsW
mixerGetLineInfoW
mixerSetControlDetails
PlaySoundW
waveOutGetDevCapsW
waveOutSetVolume
waveOutGetVolume
mixerGetID
timeGetTime
waveInGetDevCapsW

advapi32

RegFlushKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegCloseKey

ole32

CoUninitialize
CoInitializeEx
CLSIDFromString
StringFromGUID2
CoCreateInstance

gdi32

LineTo
CreateFontIndirectW
SelectObject
MoveToEx
Rectangle
GetStockObject
CreateSolidBrush
CreatePen
GetDeviceCaps
DeleteObject

Exports

Exports

DirectPlayVoiceCreate
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cd5bcd4603bac98556faa6d5ffd4ceb

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

winmm

advapi32

ole32

gdi32

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 61KB - Virtual size: 61KB

.rsrc Size: 58KB - Virtual size: 58KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 61KB - Virtual size: 61KB

.rsrc
Size: 58KB - Virtual size: 58KB

.reloc
Size: 8KB - Virtual size: 8KB