f7cf7bf25f618354aa8911d0292f5d76_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f7cf7bf25f618354aa8911d0292f5d76_JaffaCakes118
Size

69KB
MD5

f7cf7bf25f618354aa8911d0292f5d76
SHA1

87388da4836687571ff4a406dc91d2629f85ed24
SHA256

69f9b9262be587bc1eb393ee9034a391a00615cda4cc24c2ea106bf42e16e792
SHA512

591376e00a7676187471fd04720582df506436e89d140ee45129645da8c4c9dbd6e7c6bc24e5f72fe48d2108ac3a9c350021f321fa445fead231a685505fdd41
SSDEEP

1536:OxnUuA8L7Vtfz3H1FDP8SH01sh1061FGCHO0:OKuDL7vzlFTMsh1j1cCHO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7cf7bf25f618354aa8911d0292f5d76_JaffaCakes118

Files

f7cf7bf25f618354aa8911d0292f5d76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

078c9624d637547f0c2b9ccbe9c72028

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

crypt32

CertCloseStore

atmlib

ATMGetOutlineA

winmm

timeBeginPeriod
timeEndPeriod

kernel32

DeleteCriticalSection
GetLastError
lstrcpynA
GetCurrentProcess
MoveFileA
TlsAlloc
EnterCriticalSection
SetUnhandledExceptionFilter
LeaveCriticalSection
LoadLibraryA
ResumeThread
InterlockedCompareExchange
TerminateProcess
VirtualFree
TlsSetValue
UnhandledExceptionFilter
MultiByteToWideChar
VerSetConditionMask
InterlockedExchange
PeekNamedPipe
CreateMutexA
GetSystemDirectoryA
GetCurrentProcessId
DeleteFileA
WaitNamedPipeA
DisconnectNamedPipe
WaitForSingleObject
CreateFileA
GetSystemInfo
GetNativeSystemInfo
ExitThread
SetEvent
TlsGetValue
TransactNamedPipe
CreateEventA
GetEnvironmentVariableA
InterlockedIncrement
GetPrivateProfileStringA
GetCurrentThreadId
lstrcmpA
QueryPerformanceCounter
GetSystemTimeAsFileTime
OpenMutexA
DebugBreak
ReleaseMutex
VerifyVersionInfoA
GetProcessAffinityMask
SetErrorMode
GetCurrentThread
ReleaseSemaphore
GetProcAddress
OutputDebugStringA
GetVersionExA
LocalFree
GetModuleHandleA
GetTempPathA
CreateThread
SetThreadPriority
CloseHandle
DisableThreadLibraryCalls
CreateNamedPipeA
WriteFile
FreeLibrary
FlushFileBuffers
QueryPerformanceFrequency
ReadFile
InterlockedDecrement
InitializeCriticalSection
SetFilePointer
VirtualProtect
GetModuleFileNameA
WideCharToMultiByte
SetNamedPipeHandleState
Sleep
LocalAlloc
WaitForMultipleObjects
IsProcessorFeaturePresent
CreateSemaphoreA
VirtualAlloc
SetThreadAffinityMask
ConnectNamedPipe
GetFileSize
GetTickCount

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

SetRect
GetCursor
OpenInputDesktop
wsprintfA
GetWindowDC
SetCursor
IsZoomed
EnumDisplaySettingsA
GetSystemMetrics
LoadStringA
SetWindowPos
ChangeDisplaySettingsA
CallWindowProcA
GetWindowLongA
SetForegroundWindow
DestroyIcon
SetTimer
GetForegroundWindow
PostMessageA
IsWindow
GetDC
mouse_event
GetCursorPos
SystemParametersInfoA
CreateIconIndirect
SendMessageA
KillTimer
IsIconic
GetUserObjectInformationA
ReleaseDC
IntersectRect
GetThreadDesktop
GetDesktopWindow
SetWindowLongA
ClientToScreen
OffsetRect
DefWindowProcA
CloseDesktop
ShowWindow
GetClientRect
SetCursorPos
GetWindowThreadProcessId
GetMonitorInfoA
GetKeyState
IsWindowVisible
PtInRect

d3d8thk

OsThunkDdDestroySurface
OsThunkDdResetVisrgn
OsThunkDdCanCreateD3DBuffer
OsThunkDdUnlockD3D
OsThunkDdGetMoCompFormats
OsThunkDdGetDriverInfo
OsThunkDdGetBltStatus
OsThunkDdGetMoCompGuids
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroyMoComp
OsThunkD3dContextDestroy
OsThunkD3dContextDestroyAll
OsThunkDdFlipToGDISurface
OsThunkDdDeleteDirectDrawObject
OsThunkDdWaitForVerticalBlank
OsThunkDdCreateMoComp
OsThunkDdReleaseDC
OsThunkDdCreateSurface
OsThunkDdUnlock
OsThunkDdRenderMoComp
OsThunkDdDestroyD3DBuffer
OsThunkDdAttachSurface
OsThunkDdLock
OsThunkDdFlip
OsThunkDdEndMoCompFrame
OsThunkDdGetScanLine
OsThunkD3dDrawPrimitives2
OsThunkDdSetExclusiveMode
OsThunkDdBeginMoCompFrame
OsThunkDdCreateSurfaceObject
OsThunkDdGetMoCompBuffInfo
OsThunkD3dContextCreate
OsThunkDdGetDC
OsThunkDdReenableDirectDrawObject
OsThunkDdGetAvailDriverMemory
OsThunkD3dValidateTextureStageState
OsThunkDdQueryMoCompStatus
OsThunkDdCanCreateSurface
OsThunkDdGetDriverState
OsThunkDdCreateD3DBuffer
OsThunkDdBlt
OsThunkDdLockD3D
OsThunkDdQueryDirectDrawObject
OsThunkDdGetInternalMoCompInfo
OsThunkDdCreateSurfaceEx
OsThunkDdSetGammaRamp
OsThunkDdGetFlipStatus

ws2_32

WSAGetLastError

gdi32

GetDIBits
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
GdiEntry1
GetRandomRgn
GetDeviceCaps
CreateRectRgn
CreateCompatibleBitmap
GetNearestColor
GetRegionData
BitBlt
GetDeviceGammaRamp
DeleteDC
CreateDCA
SelectObject
GdiEntry13
SetStretchBltMode
StretchBlt
DeleteObject
GetSystemPaletteEntries

Sections

.textbss
Size: 38KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

078c9624d637547f0c2b9ccbe9c72028

Headers

File Characteristics

Imports

crypt32

atmlib

winmm

kernel32

version

user32

d3d8thk

ws2_32

gdi32

Sections

.textbss Size: 38KB - Virtual size: 368KB

.text Size: 512B - Virtual size: 440B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 39KB - Virtual size: 38KB

.data Size: 512B - Virtual size: 4B

.textbss
Size: 38KB - Virtual size: 368KB

.text
Size: 512B - Virtual size: 440B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 39KB - Virtual size: 38KB

.data
Size: 512B - Virtual size: 4B