49a4f5c532f36ce583203650611809ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49a4f5c532f36ce583203650611809ab_JaffaCakes118
Size

2.9MB
MD5

49a4f5c532f36ce583203650611809ab
SHA1

d6e6418d70bc4e2b65445c2a479266319df083d8
SHA256

e49dd6e7b86a5561ca721f5c264abbcbfdbf176667545abae28009e6334ca0a8
SHA512

2efa4304b2ff265b35d39a0023085aa3d78d39b15b719890a73126d506b8a2b05bdfca3bf2247290e5ab4ee2c2884eb79d0789796876a4d06a419c09ce44da49
SSDEEP

49152:uU3QlSPqb9Ho+CePbniH5iVXh+zbzQPAb2H51701y:bwJb9I+CeP7o8X4f0PAbe37gy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49a4f5c532f36ce583203650611809ab_JaffaCakes118

Files

49a4f5c532f36ce583203650611809ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4039ca5026f9a40dcb3feae8689ba45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextAlign
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
ExtTextOutA
SetTextColor
SetMapMode
GetCharacterPlacementA
SelectObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
DeleteObject
MoveToEx
CreateCompatibleDC
ExtTextOutW
GetCharacterPlacementW
SetBkColor
GetStockObject

shell32

ShellExecuteA

dinput8

DirectInput8Create

kernel32

GetStringTypeA
GetStringTypeW
GetVersionExA
GetCPInfo
GetLocaleInfoA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
lstrcmpiA
EnumSystemLocalesA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
SetHandleCount
GetStdHandle
SetStdHandle
GetProcAddress
SetUnhandledExceptionFilter
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetUserDefaultLCID
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
LoadLibraryA
GetTimeZoneInformation
GetLocaleInfoW
SetEnvironmentVariableA
InterlockedCompareExchange
InitializeCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
CreateFileW
CreateEventA
MultiByteToWideChar
GetModuleHandleA
FindFirstFileA
FindNextFileA
WideCharToMultiByte
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadAffinityMask
GetCurrentThread
Sleep
LockResource
DeleteCriticalSection
SizeofResource
LoadResource
FindResourceA
InterlockedExchange
OutputDebugStringA
GetFileType
GetLastError
GetFileSize
GetSystemInfo
CloseHandle
SetFilePointer
SetEndOfFile
GetLocalTime
CreateFileA
ReadFile
WriteFile
CreateProcessA
MapViewOfFile
LeaveCriticalSection
GetFullPathNameA
UnmapViewOfFile
CreateFileMappingA
WaitForSingleObject
GetExitCodeProcess
GetCurrentProcessId
GetFileAttributesA
GetSystemTime
GetSystemTimeAsFileTime
MoveFileA
DeleteFileA
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessHeap

user32

IsDlgButtonChecked
PeekMessageA
TranslateMessage
DispatchMessageA
SetCursor
LoadIconA
LoadCursorA
RegisterClassExA
AdjustWindowRect
CreateWindowExA
ShowWindow
UpdateWindow
SetWindowTextA
DialogBoxParamA
GetWindowRect
GetSystemMetrics
MoveWindow
EndDialog
CheckDlgButton
GetDlgItem
EnableWindow
PostQuitMessage
GetClientRect
IsCharAlphaNumericA
DefWindowProcA
SetRect

ole32

CoCreateInstance
OleUninitialize
OleInitialize
OleCreate
OleSetContainedObject
CoUninitialize
CoInitialize

oleaut32

SysAllocString
VariantClear

comctl32

ord17

winmm

mmioAscend
mmioClose
mmioWrite
mmioAdvance
mmioSetInfo
mmioSeek
mmioCreateChunk
mmioGetInfo
mmioDescend
mmioRead
mmioOpenA
timeGetTime

d3d9

Direct3DCreate9

ddraw

DirectDrawCreate

dsound

ord11

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 420KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e4039ca5026f9a40dcb3feae8689ba45

Headers

File Characteristics

Imports

gdi32

shell32

dinput8

kernel32

user32

ole32

oleaut32

comctl32

winmm

d3d9

ddraw

dsound

advapi32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 420KB - Virtual size: 417KB

.data Size: 84KB - Virtual size: 117KB

STLPORT_ Size: 4KB - Virtual size: 32B

.sxdata Size: 4KB - Virtual size: 8B

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 420KB - Virtual size: 417KB

.data
Size: 84KB - Virtual size: 117KB

STLPORT_
Size: 4KB - Virtual size: 32B

.sxdata
Size: 4KB - Virtual size: 8B

.rsrc
Size: 100KB - Virtual size: 100KB