f202d2b293213b6fba57523b357bf320_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f202d2b293213b6fba57523b357bf320_JaffaCakes118
Size

3.9MB
MD5

f202d2b293213b6fba57523b357bf320
SHA1

f6abb698af72dcc3e33f6071153f87fb7123ebf9
SHA256

dc81f39544d6ccfc91d7c691136271f2b500e5165ccb0e45b76707c3fc563743
SHA512

8575369876d2987eb143376ed3d0ff97fa0405b693fcdae025eefe6b055e7f4276cc2348188ea8c0e3e1c1102476eaa7c726887d6edfa421067a71a1ddcfb387
SSDEEP

98304:1Totj5h48IFndn007tkJe9gDDbLynZPiCnhzejLhzyFO9Ctn6t1zcPrtE:1ER5h48IFndn007tkJe9gDDbLynUEhzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f202d2b293213b6fba57523b357bf320_JaffaCakes118

Files

f202d2b293213b6fba57523b357bf320_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4f60dab73dacb93a4a690a3159382f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptImportKey
CryptGetHashParam
CryptDeriveKey
CryptDecrypt
CryptCreateHash
CryptHashData
CryptVerifySignatureA
CryptDestroyHash
RegEnumValueA
RegDeleteValueA
GetUserNameA
RegDeleteKeyA
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextA

dinput8

DirectInput8Create

dsound

DirectSoundCreate
DirectSoundEnumerateA

gdi32

TextOutA
GetTextExtentPoint32A
GetTextExtentPointA
SelectObject
CreateFontA
SetBkMode
SetTextColor
SetTextAlign
GetTextExtentExPointA
CreateFontIndirectA
GetStockObject
SetBkColor
SetPixelFormat
DeleteObject
DeleteDC
CreateDIBSection
SwapBuffers
BitBlt
CreateCompatibleDC
ChoosePixelFormat

glu32

gluOrtho2D
gluPerspective

imm32

ImmGetDefaultIMEWnd
ImmReleaseContext
ImmGetCompositionStringA
ImmGetCompositionWindow
ImmSetCompositionWindow
ImmGetProperty
ImmSetOpenStatus
ImmGetConversionStatus
ImmSetConversionStatus
ImmGetContext
ImmGetDescriptionA
ImmGetIMEFileNameA
ImmNotifyIME
ImmGetOpenStatus

kernel32

HeapReAlloc
GetSystemTimeAsFileTime
HeapAlloc
ExitProcess
GetVersion
FatalAppExitA
LCMapStringA
LCMapStringW
GetStartupInfoA
GetCPInfo
CompareStringA
CompareStringW
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapSize
GetACP
GetCurrentThreadId
GetTickCount
Sleep
lstrlenA
CloseHandle
WriteFile
SetFilePointer
CreateFileA
DeleteFileA
ReadFile
GetLocalTime
GetSystemDirectoryA
lstrcmpiA
GetVersionExA
QueryPerformanceCounter
SetProcessAffinityMask
SetThreadPriority
SetPriorityClass
GetProcessAffinityMask
GetThreadPriority
GetPriorityClass
GetCurrentThread
GetCurrentProcess
QueryPerformanceFrequency
GetOEMCP
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalMemoryStatus
GlobalUnlock
GlobalLock
GetCommandLineA
GetFileSize
GetLastError
GetPrivateProfileStringA
GetCurrentDirectoryA
CopyFileA
SetFileAttributesA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
WinExec
FindClose
FindFirstFileA
GetModuleFileNameA
IsBadReadPtr
GetModuleHandleA
GetNumberFormatA
HeapFree
RaiseException
GetSystemTime
GetTimeZoneInformation
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
EnterCriticalSection
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
FindNextFileA
RemoveDirectoryA
GetFileAttributesA
CreateDirectoryA
GetThreadContext
lstrcpynA
GetCurrentProcessId
Module32First
Module32Next
SetUnhandledExceptionFilter
WaitForSingleObject
OpenEventA
lstrcatA
OpenMutexA
CreateThread
TerminateThread
CreateMutexA
ReleaseMutex
GetComputerNameA
lstrcmpA
CreateEventA
GetModuleFileNameW
VirtualProtect
OpenFileMappingA
LoadLibraryExA
GetTempFileNameA
GetTempPathA
GetProcessHeap
GetFileInformationByHandle
DuplicateHandle
CreatePipe
PeekNamedPipe
lstrcpyA
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
SetEndOfFile
SetConsoleCtrlHandler
GetLocaleInfoW
SetEvent
ResumeThread
ResetEvent
GetExitCodeProcess
WaitForMultipleObjects
CreateProcessA
OutputDebugStringA

opengl32

glColor3f
glEnd
glVertex3fv
glTexCoord2f
glBegin
glColor3fv
glGetIntegerv
glGetString
glAlphaFunc
glFogf
glFogfv
glEnable
glDisable
glClearColor
glTexImage2D
glBindTexture
glVertex3f
glDepthMask
glPolygonMode
glFrontFace
glStencilFunc
glColorMask
glVertex2f
glDepthFunc
glStencilOp
glTexParameteri
glTexEnvf
glPixelStorei
glDeleteTextures
glIsTexture
glColor4ub
glLoadIdentity
glMatrixMode
glPopMatrix
glClear
glTranslatef
glRotatef
glPushMatrix
wglDeleteContext
wglMakeCurrent
wglCreateContext
glScalef
glGenTextures
glTexEnvi
glReadPixels
glGetFloatv
glBlendFunc
glViewport
glFogi
glFlush
glTexSubImage2D
glColor4f

shell32

ShellExecuteA
ShellExecuteExA

user32

GetFocus
UnregisterHotKey
RegisterHotKey
GetAsyncKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
OpenClipboard
SendMessageA
wsprintfA
GetWindowRect
SetWindowPos
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetDesktopWindow
MessageBoxA
SetWindowLongA
CallWindowProcA
GetWindowLongA
GetCaretPos
GetWindowTextA
SetWindowTextA
ShowWindow
ReleaseDC
GetDC
CreateWindowExA
CloseClipboard
SetFocus
IsWindowVisible
GetScrollPos
SetScrollPos
SetTimer
FindWindowA
ShowCursor
SystemParametersInfoA
ReleaseCapture
SetCapture
DefWindowProcA
PostQuitMessage
EndPaint
BeginPaint
DestroyWindow
RegisterClassA
LoadCursorA
LoadIconA
SetForegroundWindow
GetSystemMetrics
AdjustWindowRect
IsIconic
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
UpdateWindow
PostMessageA
GetClipboardData
EnumDisplaySettingsA
SetCursorPos
KillTimer
SetRect
OffsetRect
PtInRect
GetDoubleClickTime
ScreenToClient
GetCursorPos
GetActiveWindow
IntersectRect
ClientToScreen
wvsprintfA
ChangeDisplaySettingsA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winmm

mmioAscend
mmioOpenA
mmioClose
timeGetTime
mmioDescend
mmioRead
timeGetDevCaps
timeBeginPeriod
mmioWrite
timeEndPeriod

ws2_32

gethostbyname
WSAAsyncSelect
setsockopt
socket
shutdown
recv
WSASend
WSAStartup
WSACleanup
send
WSAGetLastError
inet_addr
htons
connect
closesocket

ole32

CoUninitialize
CoCreateInstance
CoInitialize

wzaudio

wzAudioStop
wzAudioPlay
wzAudioGetStreamOffsetRange
wzAudioDestroy
wzAudioOption
wzAudioCreate

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 136KB - Virtual size: 119.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 9.2MB

.as_0002
Size: 114KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 264KB

.as_0003
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f4f60dab73dacb93a4a690a3159382f2

Headers

File Characteristics

Imports

advapi32

dinput8

dsound

gdi32

glu32

imm32

kernel32

opengl32

shell32

user32

version

winmm

ws2_32

ole32

wzaudio

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.data Size: 107KB - Virtual size: 108KB

Size: 136KB - Virtual size: 119.1MB

.rsrc Size: 8KB - Virtual size: 12KB

.idata Size: 8KB - Virtual size: 12KB

.zero Size: - Virtual size: 9.2MB

.as_0002 Size: 114KB - Virtual size: 120KB

.zero Size: - Virtual size: 264KB

.as_0003 Size: 48KB - Virtual size: 48KB

.text
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 107KB - Virtual size: 108KB

.rsrc
Size: 8KB - Virtual size: 12KB

.idata
Size: 8KB - Virtual size: 12KB

.zero
Size: - Virtual size: 9.2MB

.as_0002
Size: 114KB - Virtual size: 120KB

.zero
Size: - Virtual size: 264KB

.as_0003
Size: 48KB - Virtual size: 48KB