fec61f05fbb9e88cb347b32b8f566fc0_JaffaCakes118

General

Target

fec61f05fbb9e88cb347b32b8f566fc0_JaffaCakes118
Size

19KB
MD5

fec61f05fbb9e88cb347b32b8f566fc0
SHA1

ab25af0e2d5cddb58db8f457b152e09ca71e7f93
SHA256

57def3a64425426b6aa3fc6a65dfab115f80be256b33e3f8b400bce629770ead
SHA512

c4895dbb099beb90447ff8ac0d2e49794a1b21e846b35c5f4f3aa6c10ad9e4fc6fab61f5f4c4364be3dd6926906e7724e30e4411007f1c5b14e135863be94a89
SSDEEP

384:kRGqBuRr36Mf56P1SiNx/y7wEx/7T/pIEnZ5ZPf6LOtCVl7g1LAsd6S:kRKKrkQMZPf6LOts9g18sd6S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fec61f05fbb9e88cb347b32b8f566fc0_JaffaCakes118

Files

fec61f05fbb9e88cb347b32b8f566fc0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

bb63843a820852464097de3042430a9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
lstrcpynW
GetTempPathW
GetTempFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

user32

LoadImageW

gdi32

CreateCompatibleDC
BitBlt
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
GetObjectW

zlib

inflateInit_
inflateReset
inflate
inflateEnd

msvcr90

free
fclose
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_crt_debugger_hook
fwrite
_wunlink
_wfopen
_wcsicmp
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
malloc
memset

Exports

Exports

GetWinamp5SystemComponent

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb63843a820852464097de3042430a9a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

zlib

msvcr90

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB