0f24f9fd13feb1bad2c26b89c64a87f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f24f9fd13feb1bad2c26b89c64a87f1_JaffaCakes118
Size

2.9MB
MD5

0f24f9fd13feb1bad2c26b89c64a87f1
SHA1

a1e822ad687894b8341c77b48b8e01efdc11118a
SHA256

154a0d22113549b763b46e4bd6818c04b2350cc66b61109cc7a73b14ece5b26e
SHA512

53889c8642d6bf7075a3fca77da03c54c77f24531609c4bf896a2d06f092deb5ad82681d2e038eb1240de0d3e931f60a3fd01189c6b2647d3faaef8a2044e550
SSDEEP

3072:9rLP/NZkP5tbSBy3l5n6Cc+Vz/VmTlDmeNmyRhAu9:9FZkP5tbSBy3lx6CVz0TiyRh3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f24f9fd13feb1bad2c26b89c64a87f1_JaffaCakes118

Files

0f24f9fd13feb1bad2c26b89c64a87f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9715abd1dca729bba5d7857a5634e765

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
WaitForMultipleObjects
DeleteFileA
OutputDebugStringA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
CreateDirectoryA
GetPrivateProfileStringA
GetLocalTime
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
GetFileType
LockResource
GetEnvironmentStringsW
GetEnvironmentStringsA
WideCharToMultiByte
lstrlen
FreeEnvironmentStringsA
CreateEventA
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
VirtualAlloc
GetCurrentProcess
TerminateProcess
VirtualFree
HeapReAlloc
InterlockedIncrement
LoadLibraryA
GetProcAddress
InterlockedDecrement
GetStdHandle
DebugBreak
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetSystemTime
GetTimeZoneInformation
CreateThread
SetThreadPriority
HeapFree
HeapAlloc
HeapDestroy
GetSystemInfo
HeapCreate
GetFileTime
WriteFile
SetEndOfFile
MapViewOfFile
CreateFileMappingA
SetFileAttributesA
UnmapViewOfFile
lstrcmp
lstrcmpi
lstrcpyn
lstrcat
GetModuleFileNameA
RaiseException
RtlUnwind
lstrcpy
CreateFileA
GetFileSize
SetFilePointer
ReadFile
GetCurrentDirectoryA
GetLastError
FormatMessageA
HeapValidate
IsBadReadPtr
IsBadWritePtr
SetEnvironmentVariableA
UnhandledExceptionFilter
LocalFree
FreeEnvironmentStringsW
CloseHandle

user32

MessageBoxA
SystemParametersInfoA
PostMessageA
RegisterClassExA
GetSystemMetrics
GetWindowRect
PostQuitMessage
CreateWindowExA
GetDlgItem
SendMessageA
GetWindowLongA
SetWindowTextA
DestroyWindow
wsprintfA
CharNextA
CharPrevA
ReleaseDC
GetDC
UpdateWindow
ClipCursor
GetWindowRgn
DialogBoxParamA
ShowCursor
EndDialog
SendDlgItemMessageA
GetDlgItemInt
SetFocus
SetDlgItemInt
CallWindowProcA
SetCapture
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
SetWindowLongA
ShowWindow
RegisterClassA
LoadCursorA
LoadIconA

winmm

mmioOpenA
timeBeginPeriod
mmioDescend
mmioAscend
timeGetTime
mmioRead
mmioClose

comctl32

InitCommonControls

ddraw

DirectDrawEnumerateA
DirectDrawCreate

dinput

DirectInputCreateA

dsound

DirectSoundEnumerateA
DirectSoundCreate

gdi32

BitBlt
GetStockObject
CreateRectRgn
OffsetRgn
SelectClipRgn
CreateCompatibleDC
CreateDIBSection
DeleteObject
DeleteDC
GetPixel
SetPixel
CreateFontIndirectA
SelectObject
SetBkColor
SetBkMode
SetTextColor
TextOutA

imm32

ImmIsIME

binkw32

_BinkCopyToBuffer@28
_BinkOpenMiles@4
_BinkWait@4
_BinkDoFrame@4
_BinkDDSurfaceType@4
_BinkSetSoundSystem@8
_BinkClose@4
_BinkBufferClose@4
_BinkNextFrame@4
_BinkOpen@8

comdlg32

GetOpenFileNameA
GetSaveFileNameA

mss32

_AIL_set_stream_volume@8
_AIL_start_stream@4
_AIL_set_3D_sample_cone@16
_AIL_set_stream_user_data@12
_AIL_open_stream@12
_AIL_stream_volume@4
_AIL_stream_status@4
_AIL_stream_user_data@8
_AIL_close_stream@4
_AIL_3D_sample_status@4
_AIL_set_3D_orientation@28
_AIL_file_size@4
_AIL_file_read@8
_AIL_file_type@8
_AIL_WAV_info@8
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_set_3D_sample_file@8
_AIL_set_3D_position@16
_AIL_start_3D_sample@4
_AIL_3D_position@16
_AIL_set_3D_speaker_type@8
_AIL_set_3D_sample_loop_count@8
_AIL_stream_ms_position@12
_AIL_set_3D_sample_distances@12
_AIL_3D_room_type@4
_AIL_allocate_3D_sample_handle@4
_AIL_3D_sample_cone@16
_AIL_open_3D_listener@4
_AIL_enumerate_3D_providers@12
_AIL_open_3D_provider@4
_AIL_set_3D_room_type@8
_AIL_set_3D_sample_effects_level@8
_AIL_set_3D_sample_volume@8
_AIL_end_3D_sample@4
_AIL_release_3D_sample_handle@4
_AIL_close_3D_listener@4
_AIL_close_3D_provider@4
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_set_named_sample_file@20
_AIL_set_sample_file@12
_AIL_set_sample_user_data@12
_AIL_set_sample_volume@8
_AIL_set_sample_pan@8
_AIL_set_sample_loop_count@8
_AIL_start_sample@4
_AIL_set_digital_master_volume@8
_AIL_digital_master_volume@4
_AIL_digital_handle_reacquire@4
_AIL_digital_handle_release@4
_AIL_end_sample@4
_AIL_release_sample_handle@4
_AIL_set_preference@8
_AIL_waveOutOpen@16
_AIL_digital_configuration@16
_AIL_get_preference@4
_AIL_waveOutClose@4
_AIL_allocate_sample_handle@4
_AIL_last_error@0
_AIL_init_sample@4
_AIL_mem_free_lock@4
_AIL_mem_alloc_lock@4
_AIL_set_redist_directory@4
_AIL_startup@0
_AIL_set_stream_loop_count@8
_AIL_shutdown@0

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 92KB - Virtual size: 11.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icore
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9715abd1dca729bba5d7857a5634e765

Headers

File Characteristics

Imports

kernel32

user32

winmm

comctl32

ddraw

dinput

dsound

gdi32

imm32

binkw32

comdlg32

mss32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 92KB - Virtual size: 11.7MB

.icore Size: 12KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 160KB

.idata Size: 8KB - Virtual size: 8KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 92KB - Virtual size: 11.7MB

.icore
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 160KB

.idata
Size: 8KB - Virtual size: 8KB