dac8389983f84fdbf90206b65bbfea48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dac8389983f84fdbf90206b65bbfea48_JaffaCakes118
Size

1.1MB
MD5

dac8389983f84fdbf90206b65bbfea48
SHA1

0259f18df031e48d7310db5a2c20b5fa9441e524
SHA256

48e9ed05c8e0c14fe785cafbd7684c6b857c91f5b0535d3e4a6aaa537ba9751d
SHA512

a5af32c3eacc070a2bdc3a370aec8c6bb94864320ea27a6488d2add374b1edecd6740947ed3af1293380ff49579275e863c8a0f7e7f3108b87de8baa30ab4b74
SSDEEP

24576:AVzTbk9ej29T9jKd1TtNF2gCZEd3+KqAjjVmW5AUjKZ:5M1TtNF2lEh3jVSUw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dac8389983f84fdbf90206b65bbfea48_JaffaCakes118

Files

dac8389983f84fdbf90206b65bbfea48_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a51ffaaaa4a5a5dee35cd71fb60b2f2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dsound

ord1
ord2

ole32

CoInitialize
CoCreateInstance
StringFromCLSID
CLSIDFromString

comctl32

ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
GetSystemDefaultLangID
DeviceIoControl
QueryDosDeviceA
GetFileAttributesA
ResetEvent
SetLastError
SetEvent
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemDirectoryA
SetFilePointer
GetFileSize
IsBadWritePtr
Sleep
CreateFileA
CloseHandle
GetVersionExA
OpenFile
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
GetModuleHandleA
VirtualFree
VirtualAlloc
ReadFile
GetModuleFileNameA
GetLocaleInfoA
GetVolumeInformationA
SuspendThread
ResumeThread
WaitForSingleObject
TerminateThread
CreateThread
SearchPathA
GetDriveTypeA
FormatMessageA
IsBadStringPtrA
LocalFree
GetLastError
IsBadReadPtr
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
InterlockedExchange

user32

IsWindow
UnregisterClassA
IsWindowVisible
KillTimer
wsprintfA
GetUpdateRect
SetTimer
BeginPaint
EndPaint
PostMessageA
DefWindowProcA
FillRect
InSendMessage
AdjustWindowRect
SetWindowPos
DestroyWindow
GetWindowLongA
LoadCursorA
RegisterClassA
CreateWindowExA
IsIconic
GetClientRect
GetWindowRect
IsZoomed
ClientToScreen
ScreenToClient
GetSystemMetrics
GetDesktopWindow
GetMenu
MapWindowPoints
InvalidateRect
ShowWindow
SendMessageA
SetParent
SetWindowLongA
GetWindowTextA
GetWindowPlacement
SetWindowTextA
GetForegroundWindow
LoadStringA
GetActiveWindow
EnableWindow
IsDlgButtonChecked
GetDlgItem
GetDlgItemTextA
CheckDlgButton
EndDialog
GetDC
SetDlgItemTextA
ReleaseDC
LoadIconA
DialogBoxParamA

gdi32

GetStockObject
SelectObject
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
RestoreDC
SetWindowOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
TextOutA
SetBkMode
CreateFontIndirectA
SetTextColor
CreateSolidBrush
CreateDIBSection
CreateCompatibleDC
RealizePalette
SelectPalette
GetSystemPaletteEntries
Rectangle
CreatePen
GetNearestPaletteIndex
ExtEscape
BitBlt
CreateCompatibleBitmap
CreatePalette
SetDIBits
CreateDCA
DeleteDC
SetViewportOrgEx

advapi32

CreateServiceA
CloseServiceHandle
DeleteService
RegCreateKeyExA
RegDeleteValueA
OpenSCManagerA
StartServiceA
ControlService
RegOpenKeyExA
RegFlushKey
RegEnumKeyExA
OpenServiceA
RegSetValueExA
RegQueryValueExA
RegCloseKey

winmm

mixerOpen
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetNumDevs
mixerGetDevCapsA
OpenDriver
mixerGetLineInfoA
mixerGetLineControlsA
mmioDescend
mmioClose
waveOutOpen
waveOutGetDevCapsA
timeGetTime
mixerClose
mmioOpenA
SendDriverMessage
waveOutGetNumDevs

msvcrt

_onexit
free
_initterm
malloc
_adjust_fdiv
_stat
_CxxThrowException
__CxxFrameHandler
memmove
??3@YAXPAX@Z
_strlwr
??2@YAPAXI@Z
_ftol
sprintf
_strupr
strrchr
strstr
strcspn
toupper
strncpy
strncmp
atoi
_strnicmp
time
atol
isdigit
_stricmp
_splitpath
strtok
_makepath
??1type_info@@UAE@XZ
_purecall
__dllonexit

Exports

Exports

GetMMAPI
GetMMAPIVersion
ReleaseMMAPI

Sections

.text
Size: 520KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CPUCAP_T
Size: 4KB - Virtual size: 335B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a51ffaaaa4a5a5dee35cd71fb60b2f2b

Headers

File Characteristics

Imports

dsound

ole32

comctl32

version

kernel32

user32

gdi32

advapi32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 520KB - Virtual size: 517KB

CPUCAP_T Size: 4KB - Virtual size: 335B

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 316KB - Virtual size: 2.5MB

.data1 Size: 4KB - Virtual size: 320B

.reloc Size: 68KB - Virtual size: 64KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 520KB - Virtual size: 517KB

CPUCAP_T
Size: 4KB - Virtual size: 335B

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 316KB - Virtual size: 2.5MB

.data1
Size: 4KB - Virtual size: 320B

.reloc
Size: 68KB - Virtual size: 64KB

.text
Size: 168KB - Virtual size: 168KB