e7d6ddc8cb80e65b3af2589b9f1909d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e7d6ddc8cb80e65b3af2589b9f1909d1_JaffaCakes118
Size

996KB
MD5

e7d6ddc8cb80e65b3af2589b9f1909d1
SHA1

85510fb4863e5e60bc698ebbe74f856fbb355934
SHA256

fc781c12e85d93484dfc950167349780cf4b651f8474a426f0a3f64988c5ab83
SHA512

776d808e178953f77cc72de176e26aae03174a7a7b5a4bcdd210403bb9faa337688e50f3f9676805969154986522a609e9e9232a2f262804439a2e39ef70eeba
SSDEEP

24576:85LlG85CIR/NCykZ0J2M0q/JtrzwemCc1AWEGTR0j61PRjDZK:8VlG85CI9NCy800oHEygTR0CPlZK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7d6ddc8cb80e65b3af2589b9f1909d1_JaffaCakes118

Files

e7d6ddc8cb80e65b3af2589b9f1909d1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a54cfe8c2530d3e3cc514a5c0033f1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\MechoWarsPrime\trunk\tools\ProjectMaker\project\vs9\project\project.pdb

Imports

opengl32

glGenTextures
glTexImage2D
glGetIntegerv
glDeleteTextures
glRotatef
glGetFloatv
glLoadMatrixf
glLoadIdentity
glFrontFace
glEnable
glTexCoordPointer
glTranslatef
glVertexPointer
glMatrixMode
glCullFace
glBlendFunc
glMultMatrixf
glPushMatrix
glDisableClientState
glPopMatrix
glTexParameteri
glColor4f
glDrawArrays
glColorPointer
glDisable
glBindTexture
glScissor
glOrtho
glClearColor
glClear
glEnableClientState

glfw

glfwGetMousePos
glfwSetMousePos
glfwGetWindowParam
glfwGetKey
glfwOpenWindowHint
glfwSetWindowSize
glfwSetWindowTitle
glfwTerminate
glfwSetWindowCloseCallback
glfwSwapBuffers
glfwGetVideoModes
glfwSetWindowPos
__glfwSetOpenWindowAlignPos@4
glfwOpenWindow
glfwCloseWindow
glfwSwapInterval
glfwInit
glfwGetMouseButton

alut

alutUnloadWAV
alutInit
alutLoadWAVFile

openal32

alSource3f
alBufferData
alDeleteSources
alListener3f
alDeleteBuffers
alGenSources
alSourcef
alSourcePlay
alSourcei
alGenBuffers
alSourceStop

libhqxt

hqxt_edge
hqxInit
hq2xt_32

kernel32

CreateProcessA
CloseHandle
ExitProcess
GetModuleHandleW
RtlUnwind
HeapAlloc
DuplicateHandle
LeaveCriticalSection
EnterCriticalSection
HeapFree
IsDebuggerPresent
TlsGetValue
TlsAlloc
GetCurrentProcess
MoveFileA
DeleteFileA
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
InterlockedIncrement
InterlockedDecrement
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
HeapReAlloc
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProcessHeap
SetEndOfFile
SetStdHandle
GetLocaleInfoW
GetModuleHandleA
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetFullPathNameA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetStringTypeW
FreeLibrary
FormatMessageA
GetLastError
GetProcAddress
LoadLibraryA
GetModuleFileNameA
CreateDirectoryA
QueryPerformanceCounter
Sleep
QueryPerformanceFrequency
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTimeZoneInformation
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WaitForSingleObject
GetExitCodeProcess
CreatePipe
CreateFileA
GetFileAttributesA
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ReadFile
MultiByteToWideChar
GetFileType
SetHandleCount
VirtualAlloc
TlsSetValue
DeleteCriticalSection
VirtualFree
HeapCreate
GetStdHandle
WriteFile
RaiseException
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
TerminateProcess

user32

GetSystemMetrics

shell32

SHGetSpecialFolderPathA

libogg

ogg_page_eos
ogg_sync_reset
ogg_page_granulepos
ogg_sync_pageseek
ogg_page_bos
ogg_page_serialno
ogg_stream_reset
ogg_stream_pagein
ogg_page_continued
ogg_sync_init
ogg_sync_buffer
ogg_sync_wrote
ogg_stream_init
ogg_stream_clear
ogg_sync_clear
ogg_stream_packetpeek
ogg_stream_reset_serialno
ogg_stream_packetout

libvorbis

vorbis_comment_clear
vorbis_info_clear
vorbis_dsp_clear
vorbis_block_clear
vorbis_synthesis_headerin
vorbis_synthesis_idheader
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis_halfrate
vorbis_synthesis_halfrate_p
vorbis_synthesis_restart
vorbis_synthesis_read
vorbis_synthesis_pcmout
vorbis_synthesis_blockin
vorbis_synthesis_trackonly
vorbis_info_blocksize
vorbis_block_init
vorbis_synthesis_init
vorbis_synthesis
vorbis_synthesis_lapout
vorbis_window
vorbis_comment_init

Sections

.text
Size: 671KB - Virtual size: 670KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a54cfe8c2530d3e3cc514a5c0033f1c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

glfw

alut

openal32

libhqxt

kernel32

user32

shell32

libogg

libvorbis

Sections

.text Size: 671KB - Virtual size: 670KB

.rdata Size: 131KB - Virtual size: 131KB

.data Size: 9KB - Virtual size: 20KB

.rsrc Size: 154KB - Virtual size: 154KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 671KB - Virtual size: 670KB

.rdata
Size: 131KB - Virtual size: 131KB

.data
Size: 9KB - Virtual size: 20KB

.rsrc
Size: 154KB - Virtual size: 154KB

.reloc
Size: 29KB - Virtual size: 29KB