0bd886c03ce81ca33f30ebd4f4797a1d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0bd886c03ce81ca33f30ebd4f4797a1d_JaffaCakes118
Size

820KB
MD5

0bd886c03ce81ca33f30ebd4f4797a1d
SHA1

b2580aaf8fc8825ef9cbfd3ce337365220843e06
SHA256

d1d5cfc7c70ff04b034be4195e432a0e16d0e2f64c467d0242288ea5916cf0ac
SHA512

d85c6f5a6a45a4cc43b34c5caa307235962217bf5b479a326c108bd8f8a6f40f6b6bf0a2112df411b1ba0fa1fce953d796853e1ab69f3761dea99311164078bb
SSDEEP

24576:cbTQW0St7MOIO1tMAAuHOUuRtPBk3Zh7+tIOC7:eTQNegjO8AAu3BP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bd886c03ce81ca33f30ebd4f4797a1d_JaffaCakes118

Files

0bd886c03ce81ca33f30ebd4f4797a1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c21385fda73f893184267d3cbb6e83c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\!!!Projects\!misteryville2\source\Release\pirates mysterville.pdb

Imports

kernel32

GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
VirtualQuery
InterlockedExchange
LoadLibraryA
GetEnvironmentStringsW
MapViewOfFile
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetFileSize
IsValidCodePage
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceW
IsProcessorFeaturePresent
GetCurrentThread
SetLastError
TlsAlloc
SearchPathA
FindFirstFileA
FindNextFileA
GetModuleHandleA
FindResourceA
SizeofResource
LoadResource
LockResource
ExitProcess
CreateDirectoryA
GetCurrentDirectoryA
CreateMutexA
SetCurrentDirectoryA
GetLastError
Sleep
GlobalAlloc
CreateFileA
WriteFile
SetFilePointer
SetEndOfFile
SetStdHandle
GetStdHandle
SetEnvironmentVariableA
GetCPInfo
CloseHandle
GlobalFree
LocalAlloc
WideCharToMultiByte
SetHandleCount
HeapSize
HeapFree
HeapAlloc
GetFileType
RtlUnwind
ReadFile
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetProcAddress
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetFileAttributesA

user32

LoadImageA
MessageBoxA
EndDialog
InvalidateRect
DrawTextA
GetDlgItemTextW
SetDlgItemTextW
SetWindowTextW
SetDlgItemTextA
DialogBoxParamA
GetWindowTextA
LoadBitmapA
CheckDlgButton
CreateDialogParamA
GetActiveWindow
SetForegroundWindow
SetFocus
PeekMessageA
TranslateMessage
DispatchMessageA
ShowCursor
GetDC
EndPaint
BeginPaint
GetDlgItem
SendMessageA
SetWindowTextA
EnableWindow
LoadIconA
RegisterClassExA
CreateWindowExA
DefWindowProcA
SetActiveWindow
DestroyWindow
UnregisterClassA
SetCursorPos
GetWindowRect
GetClientRect
GetCursorPos
LoadCursorA
SetClassLongA
GetDesktopWindow
ShowWindow
GetSystemMetrics
SetWindowPos
SetWindowLongA

gdi32

SetBkMode
Rectangle
SetTextColor
GetStockObject
StretchDIBits
CreateCompatibleBitmap
GetDIBits
BitBlt
SetStretchBltMode
SelectObject
StretchBlt
DeleteDC
CreateBitmap
GetObjectA
DeleteObject
CreateCompatibleDC

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegCreateKeyExA

shell32

SHGetFolderPathA
ShellExecuteA

bass

BASS_Pause
BASS_SetGlobalVolumes
BASS_ChannelIsActive
BASS_SampleStop
BASS_ChannelSetAttributes
BASS_Free
BASS_ChannelStop
BASS_StreamPlay
BASS_MusicSetAmplify
BASS_MusicLoad
BASS_StreamCreateFile
BASS_SampleLoad
BASS_Init
BASS_Start
BASS_Stop
BASS_MusicPlayEx
BASS_SamplePlayEx

winmm

timeGetTime

d3d8

Direct3DCreate8

dinput8

DirectInput8Create

comctl32

InitCommonControlsEx
ord16
ord17

msimg32

AlphaBlend

Sections

.text
Size: 672KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c21385fda73f893184267d3cbb6e83c5

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

bass

winmm

d3d8

dinput8

comctl32

msimg32

Sections

.text Size: 672KB - Virtual size: 668KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 24KB - Virtual size: 5.6MB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 672KB - Virtual size: 668KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 24KB - Virtual size: 5.6MB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 44KB - Virtual size: 41KB