61f8fc9b41ecaa00fde45013d144d6bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61f8fc9b41ecaa00fde45013d144d6bb_JaffaCakes118
Size

3.0MB
MD5

61f8fc9b41ecaa00fde45013d144d6bb
SHA1

caade84fe2f1c384553a450e60894d3e72f69bdc
SHA256

f5eb26046f40892ecea18746e4ced2183a776a43ab6cfae7de37efe9ba6c8f2e
SHA512

d0b1aaa1f1a1bc4446ee9c70ea059bab5a7514fb17cbf1cf892ac15d168b26d07b97477acd11b4ec45167f3b07efaa958dca3cd17b16b6dd905b686857ed0f93
SSDEEP

49152:aYAxa9JLlitgC6CEu0S1q8Tc0UAAHcta74spz:vAxa9Jpitg0d1PTBAHcqll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61f8fc9b41ecaa00fde45013d144d6bb_JaffaCakes118

Files

61f8fc9b41ecaa00fde45013d144d6bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab4d2aa3e3eaeecd31770742dc4125dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dinput

DirectInputCreateA

binkw32

_BinkDoFrame@4
_BinkCopyToBuffer@28
_BinkDDSurfaceType@4
_BinkWait@4
_BinkPause@8
_BinkGoto@12
_BinkClose@4
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkOpen@8
_BinkNextFrame@4

kernel32

lstrcatA
LocalFree
LocalLock
FormatMessageA
GetSystemDirectoryA
GetVersionExA
GetCurrentProcessId
OpenProcess
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentDirectoryA
FileTimeToSystemTime
IsDBCSLeadByte
GetTickCount
GetSystemTime
GlobalMemoryStatus
SetPriorityClass
CreateProcessA
CreateMutexA
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
SetFilePointer
SetEndOfFile
ResumeThread
ResetEvent
GetExitCodeProcess
WaitForMultipleObjects
CreateEventA
OpenEventA
CreateDirectoryA
GetCurrentThreadId
OpenMutexA
TerminateThread
ReleaseMutex
GetComputerNameA
lstrlenA
lstrcmpA
ExitProcess
IsBadReadPtr
GetModuleFileNameW
OpenFileMappingA
LoadLibraryExA
CopyFileA
GetTempFileNameA
GetTempPathA
HeapFree
DeleteFileA
HeapAlloc
GetFileInformationByHandle
DuplicateHandle
SetStdHandle
WriteFile
CreateFileA
GetFileSize
VirtualAlloc
ReadFile
CloseHandle
SetEvent
VirtualFree
CreatePipe
GetStdHandle
PeekNamedPipe
lstrcpyA
InterlockedExchange
RtlUnwind
TlsSetValue
TlsGetValue
ExitThread
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
GetUserDefaultLangID
InterlockedDecrement
WaitForSingleObject
SetThreadPriority
InterlockedIncrement
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcess
GetCurrentThread
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
CreateThread
Sleep
GetLastError
FindFirstFileA
FindClose
FindNextFileA
lstrcmpiA
VirtualProtect
FreeLibrary
LoadLibraryA
GetProcAddress
GetLocalTime
GetProcessHeap
HeapCompact
MultiByteToWideChar
OutputDebugStringA
GetOEMCP
IsBadCodePtr
SetLastError
GetEnvironmentVariableA
GetACP
GetEnvironmentStringsW
GetEnvironmentStrings
SetEnvironmentVariableA
GetLocaleInfoW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetConsoleCtrlHandler
GetUserDefaultLCID
EnumSystemLocalesA
GetFullPathNameA
GetDriveTypeA
GetFileAttributesA
RemoveDirectoryA
SetFileAttributesA
TerminateProcess
MoveFileA
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
FatalAppExitA
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FlushFileBuffers
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
CompareStringW
GetFileType
SetHandleCount
IsBadWritePtr
HeapCreate
HeapDestroy
HeapSize

user32

SendMessageA
MoveWindow
GetWindowRect
SetWindowTextA
EndDialog
MessageBoxA
ShowWindow
SetWindowLongA
ClientToScreen
GetClientRect
SetRect
RedrawWindow
DrawMenuBar
GetDC
GetSystemMetrics
CharNextExA
CharPrevExA
GetKeyState
wsprintfA
ShowCursor
DestroyWindow
FindWindowA
LoadIconA
LoadCursorA
RegisterClassA
AdjustWindowRect
CreateWindowExA
UpdateWindow
GetKeyboardType
ValidateRect
SetCursor
GetActiveWindow
IsIconic
GetCursorPos
ScreenToClient
DefWindowProcA
SetFocus
PeekMessageA
TranslateMessage
DispatchMessageA
GetClipboardData
GetKeyboardLayout
DialogBoxParamA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDlgItem
GetAsyncKeyState

gdi32

GetStockObject
CreatePolygonRgn
CreateSolidBrush
FillRgn
TextOutA
TextOutW
GetTextExtentPoint32W
SetTextColor
GetCurrentObject
SetBkMode
EnumFontFamiliesExA
CreateFontA
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC

advapi32

CryptDecrypt
CryptGetHashParam
CryptVerifySignatureA
RegEnumValueA
RegDeleteValueA
GetUserNameA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptImportKey
CryptEncrypt
CryptHashData
CryptReleaseContext
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
CryptAcquireContextA
CryptCreateHash

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

ddraw

DirectDrawCreateEx

ijl15

ord5
ord3
ord4
ord2

ws2_32

closesocket
WSAGetLastError
connect
htons
inet_addr
ioctlsocket
socket
select
recv
send
WSACleanup
WSAStartup
inet_ntoa
sendto
gethostbyname
gethostname
ntohl
WSASend

mss32

_AIL_init_sample@4
_AIL_set_sample_file@12
_AIL_set_sample_volume@8
_AIL_start_sample@4
_AIL_end_sample@4
_AIL_end_3D_sample@4
_AIL_open_stream@12
_AIL_set_stream_loop_count@8
_AIL_start_stream@4
_AIL_pause_stream@8
_AIL_stream_volume@4
_AIL_set_stream_volume@8
_AIL_release_3D_sample_handle@4
_AIL_close_3D_listener@4
_AIL_sample_status@4
_AIL_release_sample_handle@4
_AIL_close_digital_driver@4
_AIL_shutdown@0
_AIL_set_redist_directory@4
_AIL_startup@0
_AIL_set_preference@8
_AIL_open_digital_driver@16
_AIL_allocate_sample_handle@4
_AIL_enumerate_3D_providers@12
_AIL_open_3D_provider@4
_AIL_3D_speaker_type@4
_AIL_set_3D_speaker_type@8
_AIL_open_3D_listener@4
_AIL_allocate_3D_sample_handle@4
_AIL_start_3D_sample@4
_AIL_set_3D_sample_distances@12
_AIL_set_3D_sample_volume@8
_AIL_close_3D_provider@4
_AIL_set_3D_orientation@28
_AIL_set_3D_position@16
_AIL_set_3D_sample_effects_level@8
_AIL_set_3D_sample_file@8
_AIL_3D_sample_status@4
_AIL_set_3D_room_type@8
_AIL_mem_free_lock@4
_AIL_decompress_ADPCM@12
_AIL_WAV_info@8
_AIL_decompress_ASI@24
_AIL_file_type@8
_AIL_3D_room_type@4
_AIL_close_stream@4

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW
ImmGetCompositionStringA
ImmGetCandidateListW
ImmGetVirtualKey
ImmNotifyIME

cps

uncompress
compress

granny2

_GrannyFreeCompletedModelControls@4
_GrannyGetSourceSkeleton@4
_GrannyNewMeshBinding@12
_GrannyCopyMeshIndices@12
_GrannyGetMeshVertexCount@4
_GrannyMeshIsRigid@4
GrannyPNT332VertexType
_GrannyCopyMeshVertices@12
_GrannyGetMeshVertexType@4
_GrannyNewMeshDeformer@12
_GrannyGetMaterialTextureByType@8
_GrannyInstantiateModel@4
_GrannyNewWorldPose@4
_GrannyTextureHasAlpha@4
GrannyRGBA8888PixelFormat
_GrannyBuildWorldPose@24
_GrannyGetSecondsElapsed@8
_GrannyFreeMeshDeformer@4
_GrannyFreeModelInstance@4
_GrannyFreeWorldPose@4
_GrannyFreeControl@4
_GrannyPlayControlledAnimation@12
_GrannySetControlLoopCount@8
_GrannySetControlActive@8
_GrannyVersionsMatch_@16
_GrannyReadEntireFileFromMemory@8
_GrannyGetFileInfo@4
_GrannyNewLocalPose@4
_GrannyFreeFileSection@8
_GrannyGetMeshIndexCount@4
_GrannyFreeLocalPose@4
_GrannyFreeFile@4
_GrannySampleModelAnimations@16
_GrannyCopyTextureImage@32
_GrannyGetControlDurationLeft@4
_GrannyGetSystemSeconds@0
_GrannyGetWorldPoseComposite4x4Array@4
_GrannyGetMeshBindingToBoneIndices@4
_GrannyGetMeshTriangleGroups@4
_GrannyGetWorldPoseComposite4x4@8
_GrannySetModelClock@8
_GrannyGetMeshVertices@4
_GrannyDeformVertices@24
_GrannyGetMeshBytesPerIndex@4
_GrannyGetMeshIndices@4
_GrannyFreeMeshBinding@4

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeGetTime

netapi32

Netbios

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 216KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab4d2aa3e3eaeecd31770742dc4125dd

Headers

File Characteristics

Imports

dinput

binkw32

kernel32

user32

gdi32

advapi32

shell32

ole32

ddraw

ijl15

ws2_32

mss32

imm32

cps

granny2

winmm

netapi32

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 144KB - Virtual size: 141KB

.data Size: 216KB - Virtual size: 768KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 144KB - Virtual size: 141KB

.data
Size: 216KB - Virtual size: 768KB

.rsrc
Size: 8KB - Virtual size: 5KB