092af046e9c15b41ff3588a929e4ca85_JaffaCakes118 | Triage

Sharing

General

Target

092af046e9c15b41ff3588a929e4ca85_JaffaCakes118
Size

164KB
MD5

092af046e9c15b41ff3588a929e4ca85
SHA1

654b224c9c91a1df4e41bff1e1e25c13fab34f0e
SHA256

7ef690f9464de3ba8c138049b5a7f5c67cf2849a5c7e497fdefb21464f0026b9
SHA512

bc2f6a6333d900c19935ddbc095ccbd5da577f1cb42c1eb90a135955f8a6656a7d75ccce2f670a0b45b1167953f8684347ce83505b188f8b778dce45a84fe509
SSDEEP

3072:sAex5OizYjTQzG8kDgFmzDMOzjNTdpYKvAibqzdWPEAKkiSR:NevOizCTQiZDamzYODpP4ib2B4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
092af046e9c15b41ff3588a929e4ca85_JaffaCakes118

Files

092af046e9c15b41ff3588a929e4ca85_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2b0368af8c3d608bee2a0e4062ee6d08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualQuery
GetPrivateProfileStructA
WritePrivateProfileStructA
lstrcmpiA
lstrcpynA
GetProcAddress
LoadLibraryA
lstrlenA
GetModuleFileNameA

user32

EnableWindow
SetDlgItemTextA
SetWindowLongA
SendMessageA
SendDlgItemMessageA
GetDlgItem

nscrt

__dllonexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
memcpy
atoi
_vsnprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
free
malloc
_purecall
memset

Exports

Exports

ConfigAudio3
CreateAudio3
FinishAudio3
GetAudioTypes3
GetConfigItem
PrepareToFinish
SetConfigItem
SetWinampHWND

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ