363efa13cbecd9e059f6d284585cd234_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

363efa13cbecd9e059f6d284585cd234_JaffaCakes118
Size

1.5MB
MD5

363efa13cbecd9e059f6d284585cd234
SHA1

5ee9759c040e0d18adbe3b8418078385a8bced9c
SHA256

2984beb1ebc21b281392d437e5ff4a3a4c9828a240af8de0c4f878a71171d76f
SHA512

0c8044dc99feb31fb85d9c6e87a9d09120128ce0fa9b02800e3c0b7d06188b36ed74882dbefa78654bb56c11502ce641fbe525b948bc3e0a6c4ad371bbc5ff1e
SSDEEP

24576:QyFsVM/YEcxglT6QCE6rt598pIOd1uHvWxHEl8VjAQmc4ncMnyYoFOYQt4JE9r5E:QSY9xglirtkKOWWzMUOHtZ9r5avB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
363efa13cbecd9e059f6d284585cd234_JaffaCakes118

Files

363efa13cbecd9e059f6d284585cd234_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3065ec3b76b7639b87636e4552e8c684

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

d3d8

Direct3DCreate8

d3dxof

DirectXFileCreate

winmm

timeEndPeriod
timeBeginPeriod
timeKillEvent
timeGetTime
timeSetEvent

comctl32

ord17

kernel32

IsProcessorFeaturePresent
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
SetStdHandle
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetOEMCP
FlushFileBuffers
SetFilePointer
IsBadWritePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
HeapSize
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetExitCodeProcess
CreateFileW
GetFileSize
GetProcessHeap
HeapValidate
WriteFile
ReadFile
InterlockedDecrement
InterlockedIncrement
MulDiv
CreateFileMappingA
MapViewOfFile
CreateProcessA
GetEnvironmentVariableA
UnmapViewOfFile
GetCurrentProcessId
Sleep
GetFileAttributesA
WideCharToMultiByte
QueryPerformanceFrequency
QueryPerformanceCounter
GetLocalTime
GetSystemTime
GetTimeZoneInformation
IsBadReadPtr
RtlUnwind
GetCurrentThread
CreateFileA
CloseHandle
lstrcatA
MultiByteToWideChar
lstrlenA
GetCurrentDirectoryA
GetFullPathNameA
lstrcmpiA
GetModuleHandleA
GetLastError
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateDirectoryA
lstrcpyA
lstrcmpA
GetTickCount
GetPrivateProfileStringA
GetThreadPriority
SetThreadPriority
GetACP
VirtualFree
VirtualAlloc
SetEvent
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ResetEvent
WaitForMultipleObjects
GetCurrentThreadId
CreateEventA
GetCurrentProcess
WaitForSingleObject

user32

MsgWaitForMultipleObjects
GetQueueStatus
PostThreadMessageA
ScreenToClient
GetClientRect
GetCursorPos
SendMessageA
GetDlgItem
RegisterWindowMessageA
MessageBoxA
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
SetWindowLongA
SetMenu
GetClassLongA
ClipCursor
GetMenu
DestroyMenu
DestroyWindow
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
SetRect
AdjustWindowRect
CreateWindowExA
GetWindowLongA
GetWindowRect
GetIconInfo
GetDC
ReleaseDC
GetSystemMetrics
CheckDlgButton
SetWindowPos
ClientToScreen
PtInRect
SetCursor
GetKeyState
wsprintfA
IsDlgButtonChecked
EnableWindow
CheckRadioButton
EndDialog
DialogBoxParamA
PostMessageA

gdi32

SetMapMode
GetDeviceCaps
CreateFontA
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
GetStockObject
GetObjectA
CreateCompatibleDC
SelectObject
GetDIBits
DeleteObject
DeleteDC
CreateDIBSection

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
CoFreeUnusedLibraries
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize

bass

BASS_SampleGetChannel
BASS_SampleStop
BASS_ChannelIsActive
BASS_ChannelStop
BASS_SampleLoad
BASS_StreamCreateFile
BASS_ChannelPlay
BASS_Init
BASS_Start
BASS_ChannelSetAttributes
BASS_StreamFree
BASS_Stop
BASS_Free
BASS_ChannelGetAttributes
BASS_SampleFree

avifil32

AVIStreamStart
AVIStreamGetFrame
AVIStreamLength
AVIStreamGetFrameOpen
AVIFileInit
AVIStreamGetFrameClose
AVIStreamRelease
AVIFileRelease
AVIFileExit
AVIFileInfoA
AVIFileOpenA
AVIFileGetStream

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 128KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3065ec3b76b7639b87636e4552e8c684

Headers

File Characteristics

Imports

dinput8

d3d8

d3dxof

winmm

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

bass

avifil32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 128KB - Virtual size: 137KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 128KB - Virtual size: 137KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 112KB - Virtual size: 112KB