29b4018783e289615fb4346a4730d8cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29b4018783e289615fb4346a4730d8cd_JaffaCakes118
Size

311KB
MD5

29b4018783e289615fb4346a4730d8cd
SHA1

7773217ee8ed096d6916230a72f2f6f89569ac59
SHA256

5dbd758ccc72e8a9ff4d2f00c6b459d8390284eee9d47894e94a3e451d9cab0f
SHA512

b8494d59818cdf87db0fa0dfe2263f0980b922d81a72faac7a257b08ae7e7817cc6da805ac577843c7dbdd6e71a5fbc810a18c3940c8176345df379ff40b3b36
SSDEEP

6144:yC2ZliabBiRJ/J+m+SoyIIFruPMQr1FJJFX3hG09qjgL8AXJD:yC2ZliKBub+SoWGpr13XxG098gL8Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29b4018783e289615fb4346a4730d8cd_JaffaCakes118

Files

29b4018783e289615fb4346a4730d8cd_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3a61663aefa1e912dc91d2dffc81bd2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

midiInUnprepareHeader
sndPlaySoundA
waveInClose
mmioInstallIOProcW
joyGetNumDevs
mixerGetNumDevs
mciDriverYield
midiInOpen
mmTaskYield
mciFreeCommandResource
mciSendStringA
CloseDriver
midiConnect
waveOutGetID
mixerGetControlDetailsA
waveOutGetDevCapsA
midiOutSetVolume
OpenDriver
mixerClose
timeGetTime
midiOutReset
mmioStringToFOURCCW
tid32Message
midiInPrepareHeader
waveInGetErrorTextA
WOW32DriverCallback
waveOutBreakLoop
midiInGetDevCapsW
joy32Message
midiStreamOpen
midiOutOpen
mciGetCreatorTask
mid32Message
mmioWrite
mmioSeek
waveOutSetPitch
mxd32Message
joySetThreshold
mciSendCommandA
mixerGetLineInfoA
joyGetPos
WOWAppExit
midiInGetErrorTextW
waveOutGetPlaybackRate
waveOutClose
waveInStart
aux32Message
mciGetErrorStringA
joyConfigChanged
waveOutGetDevCapsW
waveOutGetPitch
midiInGetErrorTextA
mixerOpen
mixerGetLineControlsA
waveOutGetNumDevs
mmioRenameA
mmioRenameW
joyGetPosEx
midiOutMessage
midiOutGetDevCapsW
waveInUnprepareHeader
mmTaskCreate
midiOutGetErrorTextA
auxOutMessage
auxGetNumDevs
timeGetSystemTime

kernel32

ReleaseSemaphore
EraseTape
QueryPerformanceCounter
LocalAlloc
VirtualAlloc
SetLastError
GetCurrentProcess
GetFileAttributesW
GetCurrentDirectoryW
GetSystemDirectoryW
VirtualFree
SetEndOfFile
GetVersionExA
Sleep
ExitThread
EnterCriticalSection
GetTickCount
LeaveCriticalSection
SetFileTime
SetUnhandledExceptionFilter
TerminateThread
SystemTimeToTzSpecificLocalTime
GetProcAddress
BackupRead
GetFileSize
SetPriorityClass
CreateHardLinkW
ReadFile
ExpandEnvironmentStringsW
FindFirstFileW
SetEvent
WaitForSingleObject
GetPrivateProfileStringW
FindNextVolumeMountPointW
MultiByteToWideChar
SetFileShortNameW
CreateEventW
GetCurrentThread
CreateFileW
FindFirstVolumeMountPointW
GetVolumeInformationW
GetCurrentDirectoryA
GetPriorityClass
FindClose
GetWindowsDirectoryW
HeapAlloc
GetLastError
InitializeCriticalSection
CloseHandle
GlobalFree
LocalFree
GetDiskFreeSpaceExW
LoadLibraryA
CreateSemaphoreW
GetTimeZoneInformation
HeapFree
MoveFileExW
UnhandledExceptionFilter

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a61663aefa1e912dc91d2dffc81bd2b

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

Sections

.text Size: 195KB - Virtual size: 195KB

.data Size: 33KB - Virtual size: 33KB

.rsrc Size: 81KB - Virtual size: 588KB

.text
Size: 195KB - Virtual size: 195KB

.data
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 81KB - Virtual size: 588KB