e9777bfc60aee8fdff428aaff183998f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9777bfc60aee8fdff428aaff183998f_JaffaCakes118
Size

1.1MB
MD5

e9777bfc60aee8fdff428aaff183998f
SHA1

914cd4c94f845e8fd9d49bbe4d8f23795e017173
SHA256

52997a54369f4c2add6b7a7a6d70fc81891d4465dae01d2a6744caa3352d8469
SHA512

103a5f20e4dc6011c8b73c0b413c87bf63257ea8649e8744f6e9b883d0fdf0afa55d15d2b81f67da30dea0a6fe016ab3bb19b41501e22a6d3b299770d641733a
SSDEEP

12288:m6khpZJdP3FxyakpIq0MKcEpJ0VRC4/E3obHdTHnUYId8Ack2SyumPHXJ:6JdPApI79IVR23o5THnG7ccQ/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9777bfc60aee8fdff428aaff183998f_JaffaCakes118

Files

e9777bfc60aee8fdff428aaff183998f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ce0f6fb3130886e3f0abe009d49c66d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalMemoryStatus
MulDiv
MultiByteToWideChar
ResumeThread
GetVersionExA
SuspendThread
lstrcmpiA
GlobalUnlock
GlobalLock
GlobalReAlloc
SetCurrentDirectoryA
DeleteFileA
MoveFileA
RemoveDirectoryA
EnterCriticalSection
LeaveCriticalSection
lstrcmpA
GetLocalTime
SetEvent
ResetEvent
PulseEvent
InitializeCriticalSection
DeleteCriticalSection
GetTempPathA
GetWindowsDirectoryA
ReleaseMutex
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
VirtualQuery
GetTickCount
IsDebuggerPresent
VirtualProtect
lstrcatA
GetModuleHandleA
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentDirectoryA
OpenEventA
GetDriveTypeA
GetProcAddress
WaitForSingleObject
CreateEventA
CreateThread
LoadLibraryA
FreeLibrary
Sleep
GlobalFree
GlobalAlloc
CreateToolhelp32Snapshot
Process32First
lstrlenA
Process32Next
FindFirstFileA
FindClose
GetModuleFileNameA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
FlushInstructionCache
GetCurrentThread
SetThreadPriority
ReadFile
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
CreateProcessA
GetFileAttributesA
WriteFile
VirtualFree
VirtualAlloc
lstrcpyA
CreateFileA
SetFilePointer
GetFileSize
CreateMutexA
OpenMutexA
WaitForMultipleObjects
LCMapStringW
ExitProcess
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
RaiseException
TerminateProcess
LCMapStringA
SetEndOfFile
SetLastError
TlsAlloc
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
ExitThread
TlsGetValue
CloseHandle
TlsSetValue
GetCurrentThreadId
GetLastError
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
LocalFree
LocalAlloc
InterlockedExchange
GetThreadPriority
SystemTimeToFileTime
FileTimeToSystemTime

user32

IsMenu
DestroyMenu
SetCursor
GetCursorPos
LoadCursorA
WaitMessage
UnhookWindowsHookEx
SetCursorPos
GetSystemMetrics
EndPaint
BeginPaint
InvalidateRect
IntersectRect
CreateWindowExA
PostMessageA
SystemParametersInfoA
DispatchMessageA
TranslateMessage
PeekMessageA
IsWindow
FillRect
EqualRect
SetWindowPos
ChangeDisplaySettingsA
SetMenu
SetWindowLongA
EnumDisplaySettingsA
ShowWindow
AdjustWindowRectEx
GetWindowPlacement
SetWindowPlacement
ScreenToClient
DestroyCursor
CreateCursor
GetWindowRect
GetDC
ReleaseDC
CharUpperA
wsprintfA
GetClientRect
ClientToScreen
CharLowerA
GetKeyboardState
GetForegroundWindow
CallNextHookEx
GetAsyncKeyState
SetWindowsHookExA
PtInRect
MessageBoxA
RegisterClassA
IsIconic
OpenIcon
CloseWindow
DefWindowProcA
PostQuitMessage
SetCapture
SetForegroundWindow
ScrollWindowEx
GetWindowLongA
ValidateRect
UpdateWindow
MsgWaitForMultipleObjects
SendMessageA
AdjustWindowRect
FindWindowA
CheckMenuItem
RemoveMenu
EnableMenuItem
DrawMenuBar
ReleaseCapture
TrackPopupMenu
AppendMenuA
CreatePopupMenu
CreateMenu
GetWindowTextA
SetWindowTextA
wvsprintfA
KillTimer
SetTimer
CreateDialogParamA
GetMessageA
IsDialogMessageA
GetDlgItemTextA
SetDlgItemTextA
DestroyWindow
SetFocus
GetFocus
GetClassLongA
SetClassLongA
LoadIconA
GetQueueStatus
PostThreadMessageA
RegisterWindowMessageA
GetKeyboardType
GetSysColor

gdi32

DeleteObject
GetDeviceCaps
SetDIBitsToDevice
SetPixelFormat
ChoosePixelFormat
BitBlt
SwapBuffers
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
GetCurrentObject
StretchBlt
SetStretchBltMode
GetStockObject
RealizePalette
SelectPalette
EnumFontFamiliesExA
GetTextMetricsA
GetTextExtentPoint32A
CreateFontA
SetTextColor
SetBkColor
SetBkMode
GetGlyphOutlineA
TextOutA
CreatePalette

advapi32

RegEnumValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA
GetUserNameA

shell32

DragQueryFileA
DragFinish

ole32

CreateStreamOnHGlobal
CoTaskMemAlloc
CoFreeUnusedLibraries
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

OleLoadPicture

opengl32

glTexParameteri
wglCreateContext
glViewport
glTexSubImage2D
glClearColor
glClear
glEnable
glBegin
glFlush
wglDeleteContext
glVertex2d
glEnd
glDisable
glTexImage2D
wglMakeCurrent
glPixelStorei
glTexCoord2f

winmm

timeEndPeriod
waveOutOpen
waveOutClose
timeBeginPeriod
midiOutOpen
midiOutLongMsg
timeSetEvent
joyGetPosEx
sndPlaySoundA
timeGetTime
midiOutClose
midiOutShortMsg
timeGetDevCaps
timeKillEvent
mciSendCommandA

dsound

ord1

ddraw

DirectDrawCreate

imm32

ImmAssociateContext
ImmGetContext
ImmReleaseContext
ImmSetOpenStatus

dinput

DirectInputCreateA

Sections

.text
Size: 544KB - Virtual size: 541KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 168KB - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.riox
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ce0f6fb3130886e3f0abe009d49c66d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

opengl32

winmm

dsound

ddraw

imm32

dinput

Sections

.text Size: 544KB - Virtual size: 541KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 168KB - Virtual size: 9.3MB

.rsrc Size: 212KB - Virtual size: 211KB

.riox Size: 76KB - Virtual size: 76KB

.text
Size: 544KB - Virtual size: 541KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 168KB - Virtual size: 9.3MB

.rsrc
Size: 212KB - Virtual size: 211KB

.riox
Size: 76KB - Virtual size: 76KB