03bea3a82c6cc78beeaa1fc47b7ea297_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03bea3a82c6cc78beeaa1fc47b7ea297_JaffaCakes118
Size

1.6MB
MD5

03bea3a82c6cc78beeaa1fc47b7ea297
SHA1

5632659bf530eb63338f89ab923e4b32581237e3
SHA256

cc67aaf53b4fcc8061435a178aa148c1cb2706d53273d6bcab64d8ae6e41ebbd
SHA512

1f57677d2b4d7128695375813ade82d3357497b071fbeaa1443527f6abe24b2893725bcb461a980257992d0703158e164eaec8ac34e7ddf1bd4f9f9581ed0713
SSDEEP

49152:0Hrieo1NJHIfVduOJiZKyCwD9+bI5e8f/PhRn7:neoJHIfGOI9fj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03bea3a82c6cc78beeaa1fc47b7ea297_JaffaCakes118

Files

03bea3a82c6cc78beeaa1fc47b7ea297_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3108f16b005844c9d4dac6b1b6ff7f23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3d9.pdb

Imports

d3d8thk

OsThunkDdSetGammaRamp
OsThunkDdCreateSurfaceEx
OsThunkDdCreateSurface
OsThunkDdCreateD3DBuffer
OsThunkDdAttachSurface
OsThunkDdCreateSurfaceObject
OsThunkDdCanCreateSurface
OsThunkDdCanCreateD3DBuffer
OsThunkD3dContextCreate
OsThunkD3dContextDestroy
OsThunkD3dContextDestroyAll
OsThunkDdGetDriverState
OsThunkD3dValidateTextureStageState
OsThunkD3dDrawPrimitives2
OsThunkDdGetScanLine
OsThunkDdQueryDirectDrawObject
OsThunkDdBlt
OsThunkDdReenableDirectDrawObject
OsThunkDdFlip
OsThunkDdGetDC
OsThunkDdDeleteDirectDrawObject
OsThunkDdGetDriverInfo
OsThunkDdQueryMoCompStatus
OsThunkDdRenderMoComp
OsThunkDdEndMoCompFrame
OsThunkDdBeginMoCompFrame
OsThunkDdDestroyMoComp
OsThunkDdCreateMoComp
OsThunkDdGetMoCompBuffInfo
OsThunkDdGetInternalMoCompInfo
OsThunkDdGetMoCompFormats
OsThunkDdGetMoCompGuids
OsThunkDdGetAvailDriverMemory
OsThunkDdFlipToGDISurface
OsThunkDdSetExclusiveMode
OsThunkDdWaitForVerticalBlank
OsThunkDdGetFlipStatus
OsThunkDdGetBltStatus
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdLock
OsThunkDdLockD3D
OsThunkDdResetVisrgn
OsThunkDdReleaseDC
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroySurface
OsThunkDdDestroyD3DBuffer

msvcrt

_onexit
__dllonexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
memmove
realloc
free
malloc
strstr
isalnum
sscanf
_purecall
_strlwr
wcsrchr
atoi
ceil
_stricmp
_vsnprintf
floor
_CIpow
__CxxFrameHandler
_ftol
_snprintf
qsort
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
fflush
fwrite
??0exception@@QAE@ABV0@@Z
fopen
sprintf
strchr
??0exception@@QAE@XZ
fclose
calloc
_CxxThrowException

user32

PtInRect
GetCursorPos
SetCursorPos
GetCursor
SetCursor
DestroyIcon
GetDesktopWindow
GetWindowDC
CreateIconIndirect
mouse_event
SetForegroundWindow
SetRect
GetClientRect
ClientToScreen
EnumDisplaySettingsA
OffsetRect
IntersectRect
GetSystemMetrics
LoadStringA
GetMonitorInfoA
GetDC
ReleaseDC
SystemParametersInfoA
GetUserObjectInformationA
CloseDesktop
GetThreadDesktop
IsWindow
GetWindowThreadProcessId
KillTimer
SetWindowLongA
CallWindowProcA
SendMessageA
IsIconic
PostMessageA
GetWindowLongA
GetKeyState
DefWindowProcA
SetWindowPos
GetForegroundWindow
IsWindowVisible
ShowWindow
IsZoomed
SetTimer
ChangeDisplaySettingsA
wsprintfA
OpenInputDesktop

advapi32

RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyA
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeEndPeriod
timeBeginPeriod

gdi32

DeleteDC
GetNearestColor
CreateDCA
GdiEntry13
GetRegionData
DeleteObject
GetRandomRgn
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
GetDeviceGammaRamp
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchBlt
SetStretchBltMode
BitBlt
GdiEntry1
GetSystemPaletteEntries
CreateDIBitmap
GetDeviceCaps

kernel32

Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
LocalFree
LocalAlloc
VerSetConditionMask
VerifyVersionInfoA
LeaveCriticalSection
GetCurrentThread
SetThreadPriority
ResumeThread
SetThreadAffinityMask
GetProcessAffinityMask
GetTempPathA
TlsGetValue
TlsSetValue
GetEnvironmentVariableA
TlsAlloc
CreateEventA
CreateThread
ExitThread
SetEvent
WaitForMultipleObjects
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
DebugBreak
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
EnterCriticalSection
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
WideCharToMultiByte
GetVersionExA
CreateFileA
MultiByteToWideChar
SetFilePointer
ReadFile
MoveFileA
DeleteFileA
WriteFile
GetFileSize
GetModuleFileNameA
GetPrivateProfileStringA
ConnectNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
FlushFileBuffers
ReleaseMutex
PeekNamedPipe
TransactNamedPipe
WaitNamedPipeA
CreateNamedPipeA
GetSystemInfo
GetCurrentThreadId
lstrcmpA
GetLastError
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedExchange
SetErrorMode
InterlockedDecrement
GetSystemDirectoryA
GetModuleHandleA
lstrcpynA
OutputDebugStringA
OpenMutexA
CreateMutexA
DisableThreadLibraryCalls
GetCurrentProcessId
InterlockedCompareExchange

Exports

Exports

CheckFullscreen
D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_QueryRepeatFrame
D3DPERF_SetMarker
D3DPERF_SetOptions
D3DPERF_SetRegion
DebugSetLevel
DebugSetMute
Direct3DCreate9
Direct3DShaderValidatorCreate9
PSGPError
PSGPSampleTexture

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3108f16b005844c9d4dac6b1b6ff7f23

Headers

File Characteristics

PDB Paths

Imports

d3d8thk

msvcrt

user32

advapi32

version

winmm

gdi32

kernel32

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 1024B - Virtual size: 992B

.reloc Size: 52KB - Virtual size: 52KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 1024B - Virtual size: 992B

.reloc
Size: 52KB - Virtual size: 52KB