17f11a413d7496f608c36eed6699c327_JaffaCakes118

General

Target

17f11a413d7496f608c36eed6699c327_JaffaCakes118
Size

165KB
MD5

17f11a413d7496f608c36eed6699c327
SHA1

861323f911cb871ff1c30a8a4edd649bb737ca09
SHA256

abd32052db427a44edd2e547d3323a5392fc1dc6ee3f6fed6eb60733cf633334
SHA512

dff8f7edbe82141d6a71545c2b813eb39105f0212e64f0a5648071075840f73f23d8fa8c2d4c83bef2bf032b7d5bdcb00b085841852307b81127d0c3eb968a12
SSDEEP

3072:7MzizYjTQzG8kDgFmzDMOzjNTdpYKvAibqzdWPEAKkiSt:7MzizCTQiZDamzYODpP4ib2By

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17f11a413d7496f608c36eed6699c327_JaffaCakes118

Files

17f11a413d7496f608c36eed6699c327_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1b99797019ee82aea47fe8a6e452ccf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindExtensionA
PathStripPathA
PathIsURLA

kernel32

lstrlenA
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
MulDiv
SetEvent
CloseHandle
ResetEvent
SleepEx
WaitForMultipleObjectsEx
DisableThreadLibraryCalls
SetThreadPriority
CreateThread
CreateEventA
WaitForSingleObject
QueueUserAPC
lstrcatA
lstrcpynA
lstrcmpiA
CompareStringA
GetModuleHandleA

user32

GetDlgItemTextA
EndDialog
CharPrevA
MessageBoxIndirectA
MessageBoxA
SendMessageA
GetDlgItem
SetDlgItemTextA
CharNextA
PostMessageA

libsndfile

ord1
ord2
ord80
ord60
ord18
ord17
ord4
ord3
ord16

nscrt

memset
malloc
_vsnprintf
free

Exports

Exports

winampGetExtendedFileInfo
winampGetExtendedRead_close
winampGetExtendedRead_getData
winampGetExtendedRead_open
winampGetExtendedRead_setTime
winampGetInModule2

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b99797019ee82aea47fe8a6e452ccf6

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

libsndfile

nscrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 916B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 916B