2e56dfaccc5f1074ab370a3df56c8a62_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e56dfaccc5f1074ab370a3df56c8a62_JaffaCakes118
Size

91KB
MD5

2e56dfaccc5f1074ab370a3df56c8a62
SHA1

83158c95e737e1c1d877433c2861fe557425f684
SHA256

0900b9a2b7c13ddd31779a3afdf3f200e5439f60abf85fab55b31389775d834f
SHA512

e63af2f366b4d3c68931284dc7ba7013010fe4aee2098a67376046ae40b5acc876aed0e73ddc4f1c2fe08b33c936ae24fd0018e75a7b752856c35bc712e61625
SSDEEP

1536:nX9HL+zs+HucLHHGi9CkMmgDVGnRPVGtNIhGyggLFfpZcOySSEROdN:nX9L+zs+hjHGiUXm6GnRtqNI7gg5fDje

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e56dfaccc5f1074ab370a3df56c8a62_JaffaCakes118

Files

2e56dfaccc5f1074ab370a3df56c8a62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7d82fe0519938c944b660497f618537

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8thk

OsThunkDdCanCreateSurface
OsThunkDdFlipToGDISurface
OsThunkDdDestroyD3DBuffer
OsThunkDdGetMoCompBuffInfo
OsThunkDdGetMoCompGuids
OsThunkDdUnlock
OsThunkDdSetExclusiveMode
OsThunkDdGetDriverInfo
OsThunkDdEndMoCompFrame
OsThunkDdDestroySurface
OsThunkDdGetDriverState
OsThunkDdDeleteDirectDrawObject
OsThunkDdQueryDirectDrawObject
OsThunkDdLock
OsThunkDdGetBltStatus
OsThunkDdCreateSurfaceObject
OsThunkD3dContextDestroyAll
OsThunkD3dDrawPrimitives2
OsThunkDdSetGammaRamp
OsThunkDdWaitForVerticalBlank
OsThunkDdBeginMoCompFrame
OsThunkD3dContextDestroy
OsThunkDdCreateMoComp
OsThunkDdGetInternalMoCompInfo
OsThunkDdCreateSurfaceEx
OsThunkDdUnlockD3D
OsThunkDdQueryMoCompStatus
OsThunkDdBlt
OsThunkDdReleaseDC
OsThunkD3dContextCreate
OsThunkDdAttachSurface
OsThunkDdCreateD3DBuffer
OsThunkDdGetAvailDriverMemory
OsThunkDdCreateSurface
OsThunkDdGetFlipStatus
OsThunkDdRenderMoComp
OsThunkDdGetDC
OsThunkDdDeleteSurfaceObject
OsThunkD3dValidateTextureStageState
OsThunkDdReenableDirectDrawObject
OsThunkDdLockD3D
OsThunkDdGetScanLine
OsThunkDdResetVisrgn
OsThunkDdDestroyMoComp
OsThunkDdFlip
OsThunkDdCanCreateD3DBuffer
OsThunkDdGetMoCompFormats

crypt32

CertCloseStore

kernel32

InterlockedDecrement
FreeLibrary
InitializeCriticalSection
WaitForSingleObject
SetThreadAffinityMask
QueryPerformanceCounter
lstrcpynA
GetProcAddress
ConnectNamedPipe
DisconnectNamedPipe
GetCurrentThread
SetEvent
OutputDebugStringA
VerifyVersionInfoA
GetPrivateProfileStringA
DebugBreak
InterlockedCompareExchange
Sleep
SetUnhandledExceptionFilter
GetTickCount
VirtualProtect
CloseHandle
GetNativeSystemInfo
CreateSemaphoreA
GetSystemTimeAsFileTime
TerminateProcess
VirtualAlloc
ReleaseMutex
GetCurrentProcessId
OpenMutexA
EnterCriticalSection
SetFilePointer
WaitNamedPipeA
CreateMutexA
CreateFileA
CreateEventA
LoadLibraryA
SetNamedPipeHandleState
GetFileSize
TlsGetValue
DisableThreadLibraryCalls
GetModuleHandleA
PeekNamedPipe
TlsAlloc
WaitForMultipleObjects
VerSetConditionMask
ReleaseSemaphore
SetErrorMode
TransactNamedPipe
CreateNamedPipeA
lstrcmpA
GetCurrentProcess
SetThreadPriority
InterlockedIncrement
ExitThread
GetTempPathA
WriteFile
UnhandledExceptionFilter
GetProcessAffinityMask
CreateThread
GetCurrentThreadId
GetLastError
VirtualFree
WideCharToMultiByte
DeleteCriticalSection
TlsSetValue
QueryPerformanceFrequency
LocalAlloc
GetSystemInfo
IsProcessorFeaturePresent
DeleteFileA
FlushFileBuffers
LeaveCriticalSection
MultiByteToWideChar
ResumeThread
GetVersionExA
GetSystemDirectoryA
MoveFileA
GetEnvironmentVariableA
GetModuleFileNameA
ReadFile
LocalFree
InterlockedExchange

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

free
fclose
_CxxThrowException
_snprintf
_except_handler3
floor
isalnum
_strlwr
strstr
malloc
calloc
__CxxFrameHandler
__dllonexit
fflush
_stricmp
sscanf
ceil
atoi
_CIpow
_onexit
fopen
_adjust_fdiv
_initterm
strchr
memmove
qsort
fwrite
realloc
_purecall
sprintf
_vsnprintf
wcsrchr

atmlib

ATMGetGlyphList

gdi32

SelectObject
SetStretchBltMode
StretchBlt
GetDIBits
GetNearestColor
CreateRectRgn
CreateDIBSection
GetRandomRgn
GdiEntry13
CreateDIBitmap
GetSystemPaletteEntries
DeleteDC
DeleteObject
GetDeviceGammaRamp
GetRegionData
BitBlt
GdiEntry1
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateDCA

winmm

timeEndPeriod
timeBeginPeriod

user32

DefWindowProcA
OpenInputDesktop
SystemParametersInfoA
ReleaseDC
GetCursor
SendMessageA
GetMonitorInfoA
GetDesktopWindow
GetCursorPos
GetKeyState
LoadStringA
DestroyIcon
IsZoomed
PostMessageA
KillTimer
IsWindow
SetWindowLongA
PtInRect
SetWindowPos
CreateIconIndirect
CloseDesktop
SetTimer
GetWindowLongA
IsIconic
SetCursor
GetSystemMetrics
CallWindowProcA
OffsetRect
GetForegroundWindow
ClientToScreen
SetForegroundWindow
GetThreadDesktop
GetClientRect
GetDC
EnumDisplaySettingsA
IsWindowVisible
GetWindowDC
ShowWindow
wsprintfA
SetRect
ChangeDisplaySettingsA
GetWindowThreadProcessId
IntersectRect
SetCursorPos
mouse_event
GetUserObjectInformationA

ws2_32

WSAGetLastError

Sections

.textbss
Size: 78KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7d82fe0519938c944b660497f618537

Headers

File Characteristics

Imports

d3d8thk

crypt32

kernel32

version

msvcrt

atmlib

gdi32

winmm

user32

ws2_32

Sections

.textbss Size: 78KB - Virtual size: 448KB

.text Size: 512B - Virtual size: 436B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 812B

.rsrc Size: 3KB - Virtual size: 3KB

.textbss
Size: 78KB - Virtual size: 448KB

.text
Size: 512B - Virtual size: 436B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 812B

.rsrc
Size: 3KB - Virtual size: 3KB