da01282b7cdb586ca200709409d331c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da01282b7cdb586ca200709409d331c9_JaffaCakes118
Size

133KB
MD5

da01282b7cdb586ca200709409d331c9
SHA1

53befc7182c1603df5a6eb83d05a226e8a17d584
SHA256

b39b16579e857a9d1a831242f161f175c52521d760bbcf3a7aaadf4dc2a3ff6e
SHA512

4f26e40f313738d8edc0c9c1b007746aa8462f7975918be3798e72421eec4a37c5e74aff45d9b21b9d5fdfc9952152542de54480588239c1ac7f1d96ec395ed8
SSDEEP

3072:znm7qBq5GBbeeGzQo0HxAthDb36BaI2j+m0ssJHFycKPRqU3WCwk:znmtGBieqVQ6Z6jPm0s29833WCwk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da01282b7cdb586ca200709409d331c9_JaffaCakes118

Files

da01282b7cdb586ca200709409d331c9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a6089df2236280878a72c26b8d7df9cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIA

kernel32

WritePrivateProfileStringA
GetModuleFileNameA
GetPrivateProfileStringA
GetVersionExA
CloseHandle
FindClose
VirtualAllocEx
DisableThreadLibraryCalls
lstrcmpiA
FindFirstFileA
GetFileAttributesA
ReadProcessMemory
VirtualFreeEx
GetPrivateProfileIntA
OpenProcess
lstrcpynA
lstrlenA
FindNextFileA

user32

IsWindowUnicode
GetDlgItem
MessageBoxA
SetWindowLongA
CreateIcon
GetDC
GetIconInfo
CreateIconIndirect
PtInRect
RegisterWindowMessageA
SendMessageA
SetFocus
CharPrevA
LoadIconA
SetForegroundWindow
GetKeyState
DrawTextA
SendDlgItemMessageA
SetActiveWindow
GetWindowRect
GetClassNameA
SetWindowLongW
EndDialog
GetCursorPos
CheckDlgButton
EnumChildWindows
IsDlgButtonChecked
IsWindow
SetWindowTextA
LoadImageA
MapWindowPoints
EnableWindow
CallWindowProcA
FindWindowA
GetDlgItemTextA
DestroyIcon
GetWindowThreadProcessId
CopyRect
SetDlgItemTextA
ReleaseDC

gdi32

GetObjectA
GetPixel
DeleteObject
CreateBitmap
SetPixel
GetCurrentObject
CreateFontIndirectA
StretchBlt
DeleteDC
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
SelectObject

comdlg32

GetOpenFileNameA

shell32

Shell_NotifyIconA

nscrt

_vsnprintf

Exports

Exports

winampGetGeneralPurposePlugin

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6089df2236280878a72c26b8d7df9cf

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

shell32

nscrt

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 112KB