f9eb6999b373d20d17dee0f209175694_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9eb6999b373d20d17dee0f209175694_JaffaCakes118
Size

2.7MB
MD5

f9eb6999b373d20d17dee0f209175694
SHA1

940c7cfbd199802a01c366fce6ab13afca4f4e7a
SHA256

dc5a7f6e5851b49e17960d79fb512d0a31fcec56c0a3f37d1a881e416df81e54
SHA512

cdffde5c242547de9c3a0b5f6ef187cae46519bfeec4db473c25dcd6ad389b1ae311c2129040382f94b909f87b30ab0371aaebc3d8488beba096d2199a69b5dd
SSDEEP

49152:xVUOnaGr0hYKfi4tRpyShujhxO3lEq4tRPJxynsOPlX151azNputh60TBMo0:EPKvjPy8XRxs+0hvT+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9eb6999b373d20d17dee0f209175694_JaffaCakes118

Files

f9eb6999b373d20d17dee0f209175694_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edc753b3475337a9c48c09aec48aa6b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetTickCount
GetCommandLineA
GlobalAlloc
GetFileAttributesA
SetFileAttributesA
GetLastError
CreateMutexA
GetModuleHandleA
ReleaseMutex
QueryPerformanceCounter
CopyFileA
CreateEventA
LocalFree
FormatMessageA
CloseHandle
SetCurrentDirectoryA
GetCurrentDirectoryA
RaiseException
GetStartupInfoA
GetVersion
QueryPerformanceFrequency
ExitProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
GetLocalTime
WideCharToMultiByte
GetTimeZoneInformation
SetConsoleCtrlHandler
CreateDirectoryA
InterlockedDecrement
InterlockedIncrement
FindFirstFileA
FindNextFileA
FindClose
FileTimeToLocalFileTime
GetFullPathNameA
GetDriveTypeA
InitializeCriticalSection
DeleteCriticalSection
FatalAppExitA
TerminateProcess
GetModuleFileNameA
HeapSize
GetProcAddress
UnhandledExceptionFilter
GlobalLock
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
IsBadWritePtr
ReadFile
SetFilePointer
SetStdHandle
Sleep
MultiByteToWideChar
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
OutputDebugStringA
GetACP
GetOEMCP
LoadLibraryA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
CreateFileA
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
SetEndOfFile
GetLocaleInfoW
SetUnhandledExceptionFilter
HeapReAlloc
FileTimeToSystemTime
GetCPInfo
TerminateThread
SuspendThread
CreateThread
ResumeThread
SleepEx
SetThreadPriority
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

ReleaseCapture
SetCursorPos
ClientToScreen
SetCursor
IsDialogMessageA
SendDlgItemMessageA
LoadCursorA
UnregisterClassA
InvalidateRect
SetCapture
GetFocus
BeginPaint
ShowCursor
GetWindowLongA
MoveWindow
GetWindowRect
GetDesktopWindow
CreateDialogParamA
EndDialog
GetDlgItem
CheckDlgButton
SetWindowLongA
EndPaint
LoadIconA
GetDlgItemTextA
SetWindowPos
GetDoubleClickTime
GetKeyState
AdjustWindowRectEx
GetMenu
SystemParametersInfoA
ReleaseDC
GetDC
MapWindowPoints
AdjustWindowRect
UpdateWindow
RegisterClassA
MsgWaitForMultipleObjects
GetAsyncKeyState
wsprintfA
SendMessageA
FillRect
CreateWindowExA
ShowWindow
SetFocus
DestroyWindow
GetClientRect
DefWindowProcA
CheckRadioButton
IsDlgButtonChecked
SetDlgItemTextA
MessageBoxA
SetRect
PeekMessageA
TranslateMessage
FindWindowA
SetActiveWindow
SetForegroundWindow
PostQuitMessage
GetCursorPos
WindowFromPoint
GetCapture
ScreenToClient
DispatchMessageA
CloseClipboard
EmptyClipboard
GetClipboardData
OpenClipboard
SetClipboardData

comctl32

ord17

ole32

CoUninitialize
CoInitialize
CoCreateInstance

winmm

timeGetTime

gdi32

GetStockObject
BitBlt
CreateFontIndirectA
GetDeviceCaps
GetObjectA
StretchBlt
SetStretchBltMode
DeleteObject
SelectObject
CreateSolidBrush

comdlg32

ChooseFontA
GetSaveFileNameA

advapi32

RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegOpenKeyExA

ddraw

DirectDrawCreate

dsound

ord1

dplayx

ord4

dinput

DirectInputCreateEx

imm32

ImmSetOpenStatus
ImmGetContext

Sections

.text
Size: - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 669KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.C2Plus0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.re1oc
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.C2Plus1
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LiPass
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edc753b3475337a9c48c09aec48aa6b5

Headers

File Characteristics

Imports

kernel32

user32

comctl32

ole32

winmm

gdi32

comdlg32

advapi32

ddraw

dsound

dplayx

dinput

imm32

Sections

.text Size: - Virtual size: 6.9MB

.rdata Size: - Virtual size: 110KB

.data Size: - Virtual size: 669KB

.idata Size: - Virtual size: 7KB

.C2Plus0 Size: - Virtual size: 160KB

.reloc Size: - Virtual size: 269KB

.re1oc Size: - Virtual size: 304KB

.C2Plus1 Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 28KB - Virtual size: 160KB

.LiPass Size: 4KB - Virtual size: 4KB

.code Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 6.9MB

.rdata
Size: - Virtual size: 110KB

.data
Size: - Virtual size: 669KB

.idata
Size: - Virtual size: 7KB

.C2Plus0
Size: - Virtual size: 160KB

.reloc
Size: - Virtual size: 269KB

.re1oc
Size: - Virtual size: 304KB

.C2Plus1
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 28KB - Virtual size: 160KB

.LiPass
Size: 4KB - Virtual size: 4KB

.code
Size: 4KB - Virtual size: 4KB