JaffaCakes118_49f735aee20ed58633584ac45983c301

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_49f735aee20ed58633584ac45983c301
Size

466KB
MD5

49f735aee20ed58633584ac45983c301
SHA1

92c2fe65f48b45b7980c1dcf3b575424c0b70ce8
SHA256

4afafaefd3c68af66908e21a3dcc5a6ca02ca6fee6312eb170b49351345468f7
SHA512

0cafc36d0214c46e5e1688776e3f4b402af854c01e2783b16bf678a1b2a821f229c360f30dc9ce3ada9da98e2bb80579222a935d05771c2ab698ec533847223e
SSDEEP

6144:o3BXPF1135OCy9MqXqDkOMLVOVibgPomnCdAO2Y79vmp42YggElihx1BO9z0OYYp:oBFP3ELR6MROkbgPZnYp9GihziADYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_49f735aee20ed58633584ac45983c301

Files

JaffaCakes118_49f735aee20ed58633584ac45983c301
.dll windows:4 windows x86 arch:x86

a99c7212aa73a604fce1a3780e349722

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\devel\projects\mss\build\win\mss32.pdb

Imports

user32

GetForegroundWindow
GetWindowThreadProcessId
GetTopWindow
IsWindow
GetActiveWindow
GetWindowLongA
MessageBoxA
wsprintfA
GetWindow

kernel32

HeapFree
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoA
GetSystemDirectoryA
SetThreadPriority
RaiseException
GetSystemInfo
WaitForSingleObject
WaitForMultipleObjects
GetModuleFileNameA
SetEvent
GetModuleHandleA
CreateMutexA
SetThreadAffinityMask
GetWindowsDirectoryA
ReleaseMutex
CloseHandle
GetCurrentProcessId
Sleep
ResumeThread
CreateThread
CreateEventA
FindFirstFileA
GetProcAddress
DisableThreadLibraryCalls
FindClose
LoadLibraryA
FindNextFileA
SetErrorMode
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetProfileStringA
QueryPerformanceFrequency
lstrcatA
OutputDebugStringA
GlobalFree
CreateFileA
WriteFile
GlobalAlloc
SetFilePointer
ReadFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
VirtualAlloc
InitializeCriticalSection
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
SetEnvironmentVariableA
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WideCharToMultiByte
GetTimeZoneInformation
RtlUnwind
HeapSize
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

winmm

waveInAddBuffer
waveInReset
waveInUnprepareHeader
waveInOpen
waveInClose
waveInPrepareHeader
timeGetTime
waveOutReset
waveOutWrite
waveOutPrepareHeader
waveOutClose
waveOutGetID
waveOutOpen
waveOutUnprepareHeader
waveOutGetDevCapsA
waveInStart

Exports

Exports

AIL_debug
AIL_debug_log
AIL_debug_printf
AIL_indent
AIL_mem_printf
AIL_sprintf
AIL_sys_debug
RIB_alloc_provider_handle
RIB_enumerate_interface
RIB_error
RIB_find_file_provider
RIB_free_provider_handle
RIB_free_provider_library
RIB_load_provider_library
RIB_register_interface
RIB_request_interface
RIB_request_interface_entry
RIB_type_string
RIB_unregister_interface
_AIL_3D_distance_factor@4
_AIL_3D_doppler_factor@4
_AIL_3D_rolloff_factor@4
_AIL_MMX_available@0
_AIL_WAV_file_write@20
_AIL_WAV_info@8
_AIL_WAV_marker_by_index@12
_AIL_WAV_marker_by_name@8
_AIL_WAV_marker_count@4
_AIL_active_sample_count@4
_AIL_add_apply_environment_event_step@12
_AIL_add_cache_sounds_event_step@12
_AIL_add_comment_event_step@8
_AIL_add_control_sounds_event_step@36
_AIL_add_persist_preset_event_step@20
_AIL_add_sound_limit_event_step@8
_AIL_add_start_sound_event_step@84
_AIL_add_uncache_sounds_event_step@12
_AIL_allocate_sample_handle@4
_AIL_apply_environment_preset@12
_AIL_apply_sound_preset@12
_AIL_auto_service_stream@8
_AIL_background@0
_AIL_background_CPU_percent@0
_AIL_calculate_3D_channel_levels@68
_AIL_close_digital_driver@4
_AIL_close_event@4
_AIL_close_filter@4
_AIL_close_input@4
_AIL_close_soundbank@4
_AIL_close_stream@4
_AIL_create_event@0
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_delay@4
_AIL_digital_CPU_percent@4
_AIL_digital_configuration@16
_AIL_digital_driver_processor@8
_AIL_digital_handle_reacquire@4
_AIL_digital_handle_release@4
_AIL_digital_latency@4
_AIL_digital_master_reverb@16
_AIL_digital_master_reverb_levels@12
_AIL_digital_master_volume_level@4
_AIL_digital_output_filter@4
_AIL_end_sample@4
_AIL_enumerate_environment_presets@16
_AIL_enumerate_events@16
_AIL_enumerate_filter_properties@12
_AIL_enumerate_filter_sample_properties@12
_AIL_enumerate_filters@12
_AIL_enumerate_output_filter_driver_properties@12
_AIL_enumerate_output_filter_sample_properties@12
_AIL_enumerate_sample_stage_properties@16
_AIL_enumerate_sound_assets@12
_AIL_enumerate_sound_presets@16
_AIL_file_error@0
_AIL_file_read@8
_AIL_file_size@4
_AIL_file_type@8
_AIL_file_type_named@12
_AIL_file_write@12
_AIL_filter_property@20
_AIL_find_filter@8
_AIL_find_marker_in_list@8
_AIL_ftoa@4
_AIL_get_event_contents@12
_AIL_get_input_info@4
_AIL_get_marker_list@8
_AIL_get_preference@4
_AIL_get_soundbank_filename@4
_AIL_get_soundbank_mem_usage@4
_AIL_get_timer_highest_delay@0
_AIL_init_sample@8
_AIL_last_error@0
_AIL_listener_3D_orientation@28
_AIL_listener_3D_position@16
_AIL_listener_3D_velocity@16
_AIL_listener_relative_receiver_array@8
_AIL_load_sample_buffer@16
_AIL_lock@0
_AIL_lock_mutex@0
_AIL_mem_alloc_lock@4
_AIL_mem_close@12
_AIL_mem_create@0
_AIL_mem_create_from_existing@8
_AIL_mem_error@4
_AIL_mem_free_lock@4
_AIL_mem_open@8
_AIL_mem_pos@4
_AIL_mem_printc@8
_AIL_mem_prints@8
_AIL_mem_read@12
_AIL_mem_seek@8
_AIL_mem_size@4
_AIL_mem_use_free@4
_AIL_mem_use_malloc@4
_AIL_mem_write@12
_AIL_minimum_sample_buffer_size@12
_AIL_ms_count@0
_AIL_next_event_step@16
_AIL_open_digital_driver@16
_AIL_open_filter@8
_AIL_open_input@4
_AIL_open_soundbank@4
_AIL_open_stream@12
_AIL_output_filter_driver_property@20
_AIL_pause_stream@8
_AIL_platform_property@20
_AIL_primary_digital_driver@4
_AIL_process_digital_audio@24
_AIL_register_EOB_callback@8
_AIL_register_EOS_callback@8
_AIL_register_SOB_callback@8
_AIL_register_falloff_function_callback@8
_AIL_register_stream_callback@8
_AIL_register_timer@4
_AIL_register_trace_callback@8
_AIL_release_all_timers@0
_AIL_release_sample_handle@4
_AIL_release_timer_handle@4
_AIL_request_EOB_ASI_reset@12
_AIL_resume_sample@4
_AIL_room_type@4
_AIL_sample_3D_cone@16
_AIL_sample_3D_distances@16
_AIL_sample_3D_orientation@28
_AIL_sample_3D_position@16
_AIL_sample_3D_velocity@16
_AIL_sample_51_volume_levels@28
_AIL_sample_51_volume_pan@24
_AIL_sample_buffer_available@4
_AIL_sample_buffer_count@4
_AIL_sample_buffer_info@24
_AIL_sample_channel_count@8
_AIL_sample_channel_levels@20
_AIL_sample_exclusion@4
_AIL_sample_granularity@4
_AIL_sample_loop_block@12
_AIL_sample_loop_count@4
_AIL_sample_low_pass_cut_off@8
_AIL_sample_ms_position@12
_AIL_sample_obstruction@4
_AIL_sample_occlusion@4
_AIL_sample_output_levels@20
_AIL_sample_playback_delay@4
_AIL_sample_playback_rate@4
_AIL_sample_playback_rate_factor@4
_AIL_sample_position@4
_AIL_sample_processor@8
_AIL_sample_reverb_levels@12
_AIL_sample_speaker_scale_factors@16
_AIL_sample_stage_property@28
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_sample_volume_levels@12
_AIL_sample_volume_pan@12
_AIL_serve@0
_AIL_service_stream@8
_AIL_set_3D_distance_factor@8
_AIL_set_3D_doppler_factor@8
_AIL_set_3D_rolloff_factor@8
_AIL_set_digital_driver_processor@12
_AIL_set_digital_master_reverb@16
_AIL_set_digital_master_reverb_levels@12
_AIL_set_digital_master_volume_level@8
_AIL_set_error@4
_AIL_set_file_async_callbacks@20
_AIL_set_file_callbacks@16
_AIL_set_input_state@8
_AIL_set_listener_3D_orientation@28
_AIL_set_listener_3D_position@16
_AIL_set_listener_3D_velocity@20
_AIL_set_listener_3D_velocity_vector@16
_AIL_set_listener_relative_receiver_array@12
_AIL_set_named_sample_file@20
_AIL_set_preference@8
_AIL_set_redist_directory@4
_AIL_set_room_type@8
_AIL_set_sample_3D_cone@16
_AIL_set_sample_3D_distances@16
_AIL_set_sample_3D_orientation@28
_AIL_set_sample_3D_position@16
_AIL_set_sample_3D_velocity@20
_AIL_set_sample_3D_velocity_vector@16
_AIL_set_sample_51_volume_levels@28
_AIL_set_sample_51_volume_pan@24
_AIL_set_sample_address@12
_AIL_set_sample_adpcm_block_size@8
_AIL_set_sample_buffer_count@8
_AIL_set_sample_channel_levels@20
_AIL_set_sample_exclusion@8
_AIL_set_sample_file@12
_AIL_set_sample_info@8
_AIL_set_sample_is_3D@8
_AIL_set_sample_loop_block@12
_AIL_set_sample_loop_count@8
_AIL_set_sample_low_pass_cut_off@12
_AIL_set_sample_ms_position@8
_AIL_set_sample_obstruction@8
_AIL_set_sample_occlusion@8
_AIL_set_sample_playback_delay@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_playback_rate_factor@8
_AIL_set_sample_position@8
_AIL_set_sample_processor@12
_AIL_set_sample_reverb_levels@12
_AIL_set_sample_speaker_scale_factors@16
_AIL_set_sample_user_data@12
_AIL_set_sample_volume_levels@12
_AIL_set_sample_volume_pan@12
_AIL_set_speaker_configuration@16
_AIL_set_speaker_reverb_levels@20
_AIL_set_stream_loop_block@12
_AIL_set_stream_loop_count@8
_AIL_set_stream_ms_position@8
_AIL_set_stream_position@8
_AIL_set_stream_user_data@12
_AIL_set_timer_divisor@8
_AIL_set_timer_frequency@8
_AIL_set_timer_period@8
_AIL_set_timer_user@8
_AIL_shutdown@0
_AIL_size_processed_digital_audio@16
_AIL_sound_asset_filename@12
_AIL_speaker_configuration@20
_AIL_speaker_reverb_levels@16
_AIL_start_all_timers@0
_AIL_start_sample@4
_AIL_start_stream@4
_AIL_start_timer@4
_AIL_startup@0
_AIL_stop_all_timers@0
_AIL_stop_sample@4
_AIL_stop_timer@4
_AIL_stream_info@20
_AIL_stream_loop_count@4
_AIL_stream_ms_position@12
_AIL_stream_position@4
_AIL_stream_sample_handle@4
_AIL_stream_status@4
_AIL_stream_user_data@8
_AIL_stricmp@8
_AIL_strnicmp@12
_AIL_unapply_environment_preset@12
_AIL_unapply_sound_preset@12
_AIL_unlock@0
_AIL_unlock_mutex@0
_AIL_update_listener_3D_position@8
_AIL_update_sample_3D_position@8
_AIL_us_count@0
_MIX_RIB_MAIN@8
_MSSDisableThreadLibraryCalls@4
_MilesAddSoundBank@4
_MilesBeginEventQueueProcessing@0
_MilesClearEventQueue@0
_MilesCompleteEventQueueProcessing@0
_MilesEnqueueEvent@24
_MilesEnumeratePresetPersists@8
_MilesEnumerateSoundInstances@24
_MilesFindEvent@8
_MilesGetEventSystemState@4
_MilesPauseSoundInstances@12
_MilesRegisterRand@4
_MilesReleaseSoundBank@4
_MilesResumeSoundInstances@12
_MilesSetEventErrorCallback@4
_MilesSetSoundLabelLimits@4
_MilesShutdownEventSystem@0
_MilesStartSoundInstance@32
_MilesStartupEventSystem@20
_MilesStopSoundInstances@12
_MilesTextDumpEventSystem@0
_RIB_enumerate_providers@12
_RIB_find_file_dec_provider@20
_RIB_find_files_provider@20
_RIB_find_provider@12
_RIB_load_application_providers@4
_RIB_load_static_provider_library@8
_RIB_provider_system_data@8
_RIB_provider_user_data@8
_RIB_set_provider_system_data@12
_RIB_set_provider_user_data@12

Sections

.text
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MSSMIXER
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a99c7212aa73a604fce1a3780e349722

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

winmm

Exports

Exports

Sections

.text Size: 242KB - Virtual size: 242KB

MSSMIXER Size: 16KB - Virtual size: 15KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 17KB - Virtual size: 72KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 18KB - Virtual size: 18KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 242KB - Virtual size: 242KB

MSSMIXER
Size: 16KB - Virtual size: 15KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 17KB - Virtual size: 72KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 18KB - Virtual size: 18KB

.text
Size: 108KB - Virtual size: 112KB