8c04072c48af4c6372cf62746f43946e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c04072c48af4c6372cf62746f43946e_JaffaCakes118
Size

91KB
MD5

8c04072c48af4c6372cf62746f43946e
SHA1

5f78f8af30b9853ce220b4f8884d89f1eba5f921
SHA256

6f03ed8a16cf76dad12a0ba59eeb360423cd6e098ca46dafb80d9f0766438915
SHA512

84d85513977a7d5cef286f02ecabf3f8235bbc1b043892eda31020c535cd9a5c659c6b945c4c7fff17a623c2005260b5c950fa5398c711e7cb8bcfe849b2d580
SSDEEP

1536:+OGbnjbdMK5q87VmfGWKAPtbWai5iAPfDJJEMeoSBH435epxVd6RYNzQ2A41zk:+OGbnjbdt5q87V2GdojboI4353RsK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/D3D9_Empty2.exe

Files

8c04072c48af4c6372cf62746f43946e_JaffaCakes118
.zip
Common/D3D9_DrawText.Asm
Common/Direct3D9_Main.Asm
D3D9_Empty2.Asm
D3D9_Empty2.Rc
D3D9_Empty2.exe
.exe windows:4 windows x86 arch:x86

0a9e77568d30a1e6c14ac99fc924a4ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
GlobalFree
GlobalAlloc
MultiByteToWideChar
ReadFile
MulDiv
GetFileSize
CreateFileA
CloseHandle
QueryPerformanceCounter
Sleep
SizeofResource
RtlZeroMemory
RtlMoveMemory
GetProcessHeap
QueryPerformanceFrequency
GetModuleHandleA
FindResourceA
ExitProcess

user32

ValidateRect
UpdateWindow
UnregisterClassA
ShowWindow
SetWindowPos
SetWindowLongA
SetRect
SetCursor
ReleaseDC
RegisterClassExA
PostQuitMessage
PeekMessageA
MessageBoxA
LoadCursorA
GetWindowRect
GetSystemMetrics
GetMessageA
GetDesktopWindow
GetDC
DispatchMessageA
DefWindowProcA
CreateWindowExA
AdjustWindowRectEx
TranslateMessage

gdi32

GetClipBox
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize

d3d9

Direct3DCreate9

msvcrt

sprintf

gdiplus

GdipBitmapLockBits
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits

oleaut32

OleLoadPicture

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
D3D9_Empty2.rap
Includes/D3D9_DrawText.Inc
Includes/D3DMathSSE2.Inc
Includes/D3DTexture.Inc
Includes/Direct3D9_Main.inc
Includes/d3d9.inc
Includes/d3d9caps.inc
Includes/d3d9types.inc
Includes/dx9macros.inc
Libs/D3DMathSSE2.lib
Libs/D3DTexture.lib
Libs/d3d9.lib
Libs/msvcrt.lib
Media/D3d9Font.gif
.gif
Media/GOLDFONTTRANS2.png
.png

Sharing

General

Malware Config

Signatures

Files

0a9e77568d30a1e6c14ac99fc924a4ce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

d3d9

msvcrt

gdiplus

oleaut32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 5KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 5KB

.rsrc
Size: 9KB - Virtual size: 8KB