45b41138f07f471fb383576da1b49fb5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45b41138f07f471fb383576da1b49fb5_JaffaCakes118
Size

1.9MB
MD5

45b41138f07f471fb383576da1b49fb5
SHA1

53580a81485c54b7d7775be799f5db3236eed8c3
SHA256

d332eeda57c45a7281df8c5bd93aa080ee3e2395b1ba677a06e42abe18fe385b
SHA512

313228220117afc788f2d8a3c6341e1e373296b633245f13af492247469e6d6982d7eaf136c37bf974b94fb80d1959a5af3df9dd7bf147013726e2fc8006fd49
SSDEEP

24576:bokClqU5aET7iuBIvJexRzp3XcWsVgToitzK34:bokCVaE3iTeFcW1m4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b41138f07f471fb383576da1b49fb5_JaffaCakes118

Files

45b41138f07f471fb383576da1b49fb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33d2873011feb724c35cfd26e8904aae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Nevosoft\Quest\source\Debug\The Time Machine.pdb

Imports

kernel32

CompareStringW
CompareStringA
VirtualQuery
lstrlenA
GetTimeZoneInformation
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
SetEnvironmentVariableA
GetStringTypeA
GetDateFormatA
GetTimeFormatA
FlushFileBuffers
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
CreateFileW
SetStdHandle
GetFileSize
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
LockResource
LoadResource
SizeofResource
FindResourceA
FindResourceW
IsProcessorFeaturePresent
GetExitCodeThread
WaitForSingleObject
CloseHandle
GetStringTypeW
RtlUnwind
SetFilePointer
SetHandleCount
GetConsoleMode
GetConsoleCP
MoveFileExA
OutputDebugStringW
GlobalAlloc
CreateFileA
WriteFile
GlobalFree
LocalAlloc
CreateThread
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
LoadLibraryA
FreeLibrary
IsValidCodePage
GetOEMCP
GetACP
Sleep
CreateMutexA
GetLastError
VirtualAlloc
VirtualFree
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
MultiByteToWideChar
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
HeapValidate
IsBadReadPtr
GetProcAddress
GetModuleHandleA
ExitProcess
DeleteFileA
ReadFile
WriteConsoleW
GetFileType
GetStdHandle
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
FatalAppExitA
DebugBreak
OutputDebugStringA
SetConsoleCtrlHandler
LoadLibraryW
GetModuleFileNameA
HeapReAlloc
HeapDestroy
HeapCreate

user32

SetActiveWindow
SetWindowLongA
SetWindowPos
ShowWindow
GetCursorPos
EnableWindow
BeginPaint
EndPaint
InvalidateRect
GetDlgItem
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemTextA
GetAsyncKeyState
CheckDlgButton
SendMessageA
GetDlgItemTextA
CreateDialogParamA
GetWindowTextA
SetWindowTextA
PostQuitMessage
wsprintfW
SetWindowTextW
GetDC
LoadImageA
MessageBoxA
SetClassLongA
SetForegroundWindow
SetFocus
PeekMessageA
PostMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
GetDesktopWindow
CreateWindowExA
DefWindowProcA
DestroyWindow
UnregisterClassA
GetWindowRect
GetClientRect
GetSystemMetrics

gdi32

GetDIBits
BitBlt
SetBkMode
Rectangle
CreateCompatibleDC
SetStretchBltMode
SelectObject
StretchBlt
DeleteDC
CreateBitmap
GetObjectA
DeleteObject
GetStockObject
CreateCompatibleBitmap

shell32

SHGetFolderPathA

bass

BASS_StreamPlay
BASS_ChannelStop
BASS_ChannelSetAttributes
BASS_Pause
BASS_SetGlobalVolumes
BASS_Stop
BASS_Free
BASS_Init
BASS_Start
BASS_ChannelGetAttributes
BASS_ChannelResume
BASS_ChannelPause
BASS_SamplePlayEx
BASS_ChannelIsActive
BASS_SampleLoad
BASS_SampleStop
BASS_StreamCreateFile

winmm

timeGetTime

d3d8

Direct3DCreate8

comctl32

ord16
ord17

msimg32

AlphaBlend

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33d2873011feb724c35cfd26e8904aae

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

bass

winmm

d3d8

comctl32

msimg32

advapi32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 32KB - Virtual size: 4.7MB

.idata Size: 8KB - Virtual size: 7KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 32KB - Virtual size: 4.7MB

.idata
Size: 8KB - Virtual size: 7KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 28KB - Virtual size: 27KB