07cf6de396d895ec867df76c3b1b218d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07cf6de396d895ec867df76c3b1b218d_JaffaCakes118
Size

106KB
MD5

07cf6de396d895ec867df76c3b1b218d
SHA1

1516e6cab87dcdafbc16f2d01577fb7f5e2b2bdf
SHA256

83579af9aafdc3f7656c76658431d2fedf5fe3fb085367c55771b86118a266a2
SHA512

4c816fbfe75d57c2a9ccde1f871a9add78fa58f9a2e8e4a9a54838695f9373c2cf7e934de36cba4587186472bd199935417bc401372b713b3ff0437213b06ea4
SSDEEP

1536:rnxw6SaZjMJJnnPc5NIxP6fc8FpMTnJ+Vxy+veHWY5EB4rMdPNed4F:rxwemPc5W8ziyy++W2Ez

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07cf6de396d895ec867df76c3b1b218d_JaffaCakes118

Files

07cf6de396d895ec867df76c3b1b218d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

01c0b0abac6724275b20caa475d1f9c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\github-bass2.4\bass_tak2.4\Release\bass_tak2.4.pdb

Imports

kernel32

HeapReAlloc
GetProcessHeap
HeapFree
DisableThreadLibraryCalls
HeapAlloc
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind

user32

MessageBoxA

bass

_
BASS_GetVersion

tak_deco_lib

tak_SSD_GetStreamInfo
tak_APE_GetTextItemValueAsAnsi
tak_SSD_ReadAudio
tak_SSD_Valid
tak_SSD_Seek
tak_APE_Valid
tak_SSD_Create_FromStream
tak_APE_GetItemNum
tak_APE_GetItemKey
tak_APE_GetItemValue
tak_SSD_Destroy
tak_SSD_GetAPEv2Tag

Exports

Exports

BASS_TAK_StreamCreateFile
BASS_TAK_StreamCreateFileUser
BASS_TAK_StreamCreateURL
BASSplugin

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01c0b0abac6724275b20caa475d1f9c6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

bass

tak_deco_lib

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 63KB - Virtual size: 66KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 63KB - Virtual size: 66KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 3KB