375acd88830e7e9986d7a59be0092587_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

375acd88830e7e9986d7a59be0092587_JaffaCakes118
Size

47KB
MD5

375acd88830e7e9986d7a59be0092587
SHA1

a85193c59edb7bdf12b208527abf65f70b2881c6
SHA256

1c1a90348c0ab90f2e934dfcc4fbc3dcb1b240ace1a480d0f82ce7e0ef1c729e
SHA512

487eef409fa769b94bf510ca4f75c7670f6d0ae8e2642c2f6ebfcf3e6f61fa7733c06ea0ca37b7f573b1520f2068296fe98a052e42fa9270533dedcd66022448
SSDEEP

768:s80xymHs7JGKrFszPd4x4qm/mWlgno3YCTw8p6ojRT/NULRkhj0WCqn0Nbz:OyB7JkrdgWJ3YswkT+LRkj4Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HiFi.MP3.Recorder.Joiner.v1.02..WinALL.Keygen.Only-iNDUCT/HiFi.MP3.Recorder.Joiner.v1.xx.keygen.exe

Files

375acd88830e7e9986d7a59be0092587_JaffaCakes118
.zip
HiFi.MP3.Recorder.Joiner.v1.02..WinALL.Keygen.Only-iNDUCT/HiFi.MP3.Recorder.Joiner.v1.xx.keygen.exe
.exe windows:4 windows x86 arch:x86

17ec845a334bbdc516f4b107aec70ab9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
CreateThread
Sleep
GlobalReAlloc
GetModuleHandleA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
SetThreadPriority
GetStartupInfoA

user32

SetCapture
RedrawWindow
CreateDialogParamA
SetRect
LoadIconA
MoveWindow
EndPaint
GetMessageA
TranslateMessage
GetWindowRect
SendMessageA
SetDlgItemTextA
MessageBoxA
ReleaseCapture
SetWindowTextA
DrawTextA
BeginPaint
PostQuitMessage
SetWindowRgn
SetWindowPos
GetDlgItem
DispatchMessageA

gdi32

GetObjectA
SetTextColor
SetBkMode
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreatePatternBrush
GetCurrentObject
DeleteObject
CombineRgn
ExtCreateRegion
CreateDIBSection
DeleteDC

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

winmm

waveOutClose
waveOutGetPosition
waveOutWrite
waveOutPrepareHeader
waveOutOpen
waveOutReset
waveOutUnprepareHeader

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
pow
abs
sin
fabs
memset
_ftol
strcpy
strcat
rand
strlen
sprintf
memcpy
free
calloc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HiFi.MP3.Recorder.Joiner.v1.02..WinALL.Keygen.Only-iNDUCT/file_id.diz
HiFi.MP3.Recorder.Joiner.v1.02..WinALL.Keygen.Only-iNDUCT/induct.nfo
keygen.nfo

Sharing

General

Malware Config

Signatures

Files

17ec845a334bbdc516f4b107aec70ab9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

winmm

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 30KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 30KB

.rsrc
Size: 60KB - Virtual size: 56KB