f19774fbbde8665344e2a0863ded3ec6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f19774fbbde8665344e2a0863ded3ec6_JaffaCakes118
Size

2.9MB
MD5

f19774fbbde8665344e2a0863ded3ec6
SHA1

2e72aea868ba2bbf18a9d45d339cd1bc1bfc0e78
SHA256

70575018f4f61dbb60096bb8cd0bb82b916cf877bd9f12f575ebb4156c71557b
SHA512

e186dc0ff86f12de9dfaa3e85ed502bd2856f7abbd108bf2fe87a43e220d3614a19e4091b2c08334a9c9ecc932651f3f71f2880138d7ff899d05adacc7fdc45e
SSDEEP

49152:aCx8P23rI7vulDl4dhuxc8UJ1UTBreKhs8F9iA7x4wWu1I2ftS6CqyaiK:aCx13r+ulh4Duxc8UJ1UTBreus8riA7R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f19774fbbde8665344e2a0863ded3ec6_JaffaCakes118

Files

f19774fbbde8665344e2a0863ded3ec6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08f7eb5274c9d98997dd63f43e15f8a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA

dinput8

DirectInput8Create

gdi32

EnumFontFamiliesA
AddFontResourceA
CreateDCA
CreateCompatibleBitmap
GetObjectA
SelectPalette
RealizePalette
GetDIBits
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
BitBlt
ExtTextOutA
GetTextExtentPoint32A
CreateDIBSection
SetTextColor
SetBkColor
SetTextAlign
SetMapMode
DeleteDC
CreateCompatibleDC
CreateFontA
SelectObject
DeleteObject
GetStockObject
SetBkMode
SetROP2

imm32

ImmIsIME
ImmGetContext
ImmSetStatusWindowPos
ImmReleaseContext
ImmAssociateContext

kernel32

GetTempFileNameA
CreateProcessA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
CreateEventA
GetSystemTime
WaitForSingleObject
SetEndOfFile
SetLastError
GetCurrentProcess
GetCurrentThreadId
OutputDebugStringA
CopyFileA
GetWindowsDirectoryA
CreateMutexA
lstrcmpiA
SetCurrentDirectoryA
lstrlenA
lstrcmpA
MulDiv
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
GetOEMCP
GetACP
GetCPInfo
TlsAlloc
HeapSize
ExitThread
TlsGetValue
TlsSetValue
GetVersion
GetCommandLineA
GetStartupInfoA
MoveFileA
GetFileAttributesA
RaiseException
HeapAlloc
HeapReAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetTimeZoneInformation
ExitProcess
RtlUnwind
InterlockedExchange
GetVolumeInformationA
FindFirstChangeNotificationA
FindCloseChangeNotification
OpenEventA
WaitForMultipleObjects
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
GetModuleHandleA
TerminateProcess
GetProcAddress
OpenProcess
GetVersionExA
LoadLibraryA
FreeLibrary
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileMappingA
MapViewOfFile
CreateThread
UnmapViewOfFile
GetCurrentDirectoryA
FindFirstFileA
FindClose
lstrcpynA
Sleep
GetTickCount
lstrcpyA
GetLastError
lstrcatA
DeleteFileA
GetLocalTime
SetFilePointer
GetFileSize
GlobalAlloc
GlobalFree
GetModuleFileNameA
WriteFile
CreateFileA
CloseHandle
FindNextChangeNotification
HeapFree
GlobalReAlloc
GlobalLock
GlobalUnlock
InterlockedDecrement
LCMapStringA
InterlockedIncrement
ReadFile
CreateFileW
QueryPerformanceCounter
QueryPerformanceFrequency

oleaut32

SafeArrayCreate
VariantChangeType
VariantInit
SysAllocString
VariantClear
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy

shell32

ShellExecuteA

user32

ChangeDisplaySettingsA
EnumDisplaySettingsA
AdjustWindowRect
SetRect
PtInRect
ReleaseDC
GetDC
SendMessageA
ScreenToClient
GetDoubleClickTime
IsRectEmpty
CopyRect
UnregisterClassA
GetPropA
SetPropA
FlashWindow
RegisterClassExA
SetWindowLongA
CreateWindowExA
GetKeyboardLayout
CallWindowProcA
SetFocus
SetWindowTextA
MoveWindow
GetWindowTextA
RemovePropA
wsprintfA
MessageBoxA
GetActiveWindow
DefWindowProcA
GetClientRect
PostQuitMessage
ShowCursor
GetCursorPos
SetRectEmpty
EqualRect
GetAsyncKeyState
GetClassInfoA
ClientToScreen
GetWindowThreadProcessId
GetClassNameA
GetParent
IsWindowVisible
CharUpperA
EnumWindows
SetCursor
GetCursor
DestroyWindow
ClipCursor
GetWindowRect
ShowWindow
UpdateWindow
GetSystemMetrics
EndPaint
BeginPaint
RegisterClassA
LoadIconA
DispatchMessageA
TranslateMessage
LoadCursorA
PeekMessageA
SetActiveWindow
CharLowerA
SetCursorPos

winmm

timeGetTime
PlaySoundA

wsock32

inet_addr
gethostbyname
gethostname
WSAStartup
WSACleanup
ntohl
htonl
closesocket
ntohs
inet_ntoa
recv
ioctlsocket
htons
socket
WSAGetLastError
setsockopt
connect
WSAAsyncSelect
send

d3d8

Direct3DCreate8

mss32

_AIL_shutdown@0
_AIL_set_redist_directory@4
_AIL_startup@0
_AIL_quick_startup@20
_AIL_quick_handles@12
_AIL_set_digital_master_room_type@8
_AIL_set_DirectSound_HWND@8
_AIL_enumerate_3D_providers@12
_AIL_open_3D_provider@4
_AIL_open_3D_listener@4
_AIL_set_3D_orientation@28
_AIL_set_3D_sample_loop_count@8
_AIL_set_3D_position@16
_AIL_quick_set_volume@12
_AIL_quick_halt@4
_AIL_end_3D_sample@4
_AIL_pause_stream@8
_AIL_set_3D_sample_volume@8
_AIL_set_stream_volume_levels@12
_AIL_quick_play@8
_AIL_set_stream_position@8
_AIL_start_stream@4
_AIL_quick_status@4
_AIL_3D_sample_status@4
_AIL_stream_status@4
_AIL_file_read@8
_AIL_file_type@8
_AIL_decompress_ASI@24
_AIL_WAV_info@8
_AIL_decompress_ADPCM@12
_AIL_quick_load_mem@8
_AIL_allocate_3D_sample_handle@4
_AIL_set_3D_sample_file@8
_AIL_open_stream@12
_AIL_set_stream_loop_count@8
_AIL_mem_free_lock@4
_AIL_quick_unload@4
_AIL_release_3D_sample_handle@4
_AIL_close_stream@4
_AIL_start_3D_sample@4

ole32

CoInitialize
CLSIDFromString
CoCreateInstance
CoUninitialize

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 51KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08f7eb5274c9d98997dd63f43e15f8a0

Headers

File Characteristics

Imports

advapi32

dinput8

gdi32

imm32

kernel32

oleaut32

shell32

user32

winmm

wsock32

d3d8

mss32

ole32

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.data Size: 192KB - Virtual size: 192KB

Size: 51KB - Virtual size: 1.3MB

.rsrc Size: 28KB - Virtual size: 27KB

.idata Size: 7KB - Virtual size: 8KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 192KB - Virtual size: 192KB

.rsrc
Size: 28KB - Virtual size: 27KB

.idata
Size: 7KB - Virtual size: 8KB