3d4999c8bcb3002e3c1a802412c5555c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d4999c8bcb3002e3c1a802412c5555c_JaffaCakes118
Size

43KB
MD5

3d4999c8bcb3002e3c1a802412c5555c
SHA1

3ad89a83f7b9d6c0bee71654f90ceb830944fc09
SHA256

b85d96a9977d63cd5ecd61be5274499008046824684902e4619e809eb054aab6
SHA512

973e4a00dacc5090b1eaf1fa81680867d0fc97cee17fc9f355812bf47d7bcae4d49007a4a7e554c3be1f597745058c23c622757de48d6392dd42d695621531f0
SSDEEP

768:mZl8Pd4+S1Op7M5erM5mDnWe61YhF8VbLaPYwpMBvlS4d1MlvQu6t4YkhvSn78Kr:c8PdM0pBr4An3zreBvDd1MKpSGn78KOy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d4999c8bcb3002e3c1a802412c5555c_JaffaCakes118

Files

3d4999c8bcb3002e3c1a802412c5555c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

944e879b22d376a6a9368bd141b90f28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17

shlwapi

PathIsURLW
PathCombineA

kernel32

InterlockedExchange
FreeLibrary
CreateDirectoryA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
MultiByteToWideChar
GetShortPathNameW
lstrcmpW
WideCharToMultiByte
GetTimeFormatW
lstrlenW
GetDateFormatW
lstrcpynW
FindClose
FindFirstFileW
GetLastError
WaitForSingleObject
CreateThread
Sleep
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
DeleteFileW
ReadFile
SetFilePointer
CreateFileW
GetTempFileNameW
GetTempPathW
InterlockedIncrement
InterlockedDecrement
GetProcAddress
LocalAlloc
DisableThreadLibraryCalls
LoadLibraryA
CloseHandle
RaiseException

user32

SetTimer
KillTimer
InvalidateRect
GetSubMenu
EnableMenuItem
GetCursorPos
DestroyMenu
SetWindowLongA
SetCapture
GetAsyncKeyState
GetDlgItemTextA
SetDlgItemTextA
SetFocus
GetCapture
ReleaseCapture
ClientToScreen
GetWindowTextW
IsWindow
SetDlgItemTextW
PeekMessageA
GetParent
CharNextW
CharPrevW
GetDlgItemInt
SetDlgItemInt
CallWindowProcA
CheckDlgButton
PostMessageA
IsDlgButtonChecked
GetDlgItem
CallWindowProcW
MessageBoxA
SendMessageA
EnableWindow
SendMessageW
SetWindowLongW
DestroyWindow
IsWindowVisible

gdi32

DeleteObject

shell32

ShellExecuteW

oleaut32

SystemTimeToVariantTime
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
SysAllocString

nscrt

__CxxFrameHandler
_localtime64
_vsnwprintf
malloc
_strdup
_wcsicmp
_wcsnicmp
_wcsdup
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
_purecall
_wtoi
_wfopen
fwprintf
fclose
fputws
fputwc
memcmp
memset
wcscpy
sprintf
strcmp
strlen
memcpy
time
??_U@YAPAXI@Z
??_V@YAXPAX@Z
realloc
wcslen
free
wcsstr
_except_handler3
??2@YAPAXI@Z
??3@YAXPAX@Z
_vsnprintf
wcscmp

Exports

Exports

winampGetMediaLibraryPlugin

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 226KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

944e879b22d376a6a9368bd141b90f28

Headers

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

shell32

oleaut32

nscrt

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text Size: 226KB - Virtual size: 228KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 226KB - Virtual size: 228KB