11cfe2c4dfa738f191450ea47f764e7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11cfe2c4dfa738f191450ea47f764e7b_JaffaCakes118
Size

88KB
MD5

11cfe2c4dfa738f191450ea47f764e7b
SHA1

fec1cda4987702aef6287813c6fe934ce20c196e
SHA256

399ea606cf4bfbd8234dc10229e85a26b725c86b3e9f4a89a0d309895b022d2e
SHA512

51adc738853b0bc5cabd79039a5e1a8a2d2c2f34c0a971e19656ed74ade1236da33d2f76c7f3a31fc27be5c52a2ac636a91853d7dedbf772ccb48ea3fbe15b56
SSDEEP

1536:7kk3BXaqa6kgIj5usD1Oj1vMwqO6qtkOJSbkSsTAFBk9ZFOVH0ask:7kWXayk3EftwYRmkiH0l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11cfe2c4dfa738f191450ea47f764e7b_JaffaCakes118

Files

11cfe2c4dfa738f191450ea47f764e7b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

874a08facd0d57f86657ade1df62556b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

midiInGetID
auxGetVolume
waveInGetDevCapsA
waveInPrepareHeader
waveOutSetPlaybackRate
mixerOpen
mmioCreateChunk
mmioClose
waveInUnprepareHeader
mmioAscend
mciSendCommandA
midiInOpen
midiOutReset
midiOutCachePatches
midiOutMessage
midiStreamOut
midiOutGetNumDevs
mmioWrite
midiOutGetErrorTextA
mmioSeek
joyReleaseCapture
mixerGetID
joySetCapture
mixerMessage
timeGetDevCaps
mixerClose
midiInAddBuffer
mciSendStringA
mmioRead
mciGetCreatorTask
midiInGetNumDevs
joyGetPos
midiInGetErrorTextA
auxOutMessage
midiInPrepareHeader
waveOutGetPosition
midiOutUnprepareHeader
timeBeginPeriod
midiStreamProperty
auxGetNumDevs
joySetThreshold
CloseDriver
midiOutPrepareHeader
waveOutSetVolume
waveInOpen
waveOutSetPitch
mixerGetLineControlsA
joyGetPosEx
midiDisconnect
waveOutUnprepareHeader
midiInStart
waveInGetID
auxGetDevCapsA
midiStreamPosition
midiInMessage
waveOutGetPitch
mmioFlush
timeGetSystemTime
waveOutPause
waveOutGetNumDevs
mciSetYieldProc
joyGetDevCapsA
waveOutBreakLoop
waveInGetPosition
midiOutOpen
mixerGetNumDevs
waveInAddBuffer
midiConnect
midiOutLongMsg
timeEndPeriod
waveOutRestart
midiOutGetID

kernel32

GetVersion
LoadLibraryA
GetSystemTime
IsValidLocale
VirtualAlloc
GetProcAddress
GetHandleInformation
GetModuleHandleA

shell32

SHLoadInProc
FindExecutableA
SHAddToRecentDocs
Shell_NotifyIconA
DragFinish
DragAcceptFiles
DragQueryFileA
SHFreeNameMappings
ShellExecuteExA

comctl32

ImageList_AddMasked
ImageList_Destroy

version

GetFileVersionInfoSizeW

winspool.drv

DeletePrintProcessorA
DeletePrinterDriverExA
EndDocPrinter
EnumPrinterDataExA

msvcrt

_adjust_fdiv
malloc
__dllonexit
_onexit
printf
ftell
fseek
fclose
fread
fwrite
memset
fopen
sprintf
free
_unlink
_initterm

Exports

Exports

YVYUOBUQU

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

874a08facd0d57f86657ade1df62556b

Headers

File Characteristics

Imports

winmm

kernel32

shell32

comctl32

version

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 4KB - Virtual size: 3KB