68eaaa2e80972d2d9ff7ce29f5905314_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68eaaa2e80972d2d9ff7ce29f5905314_JaffaCakes118
Size

4.4MB
MD5

68eaaa2e80972d2d9ff7ce29f5905314
SHA1

14a6c03dcb93d228a9477790c90e23d5a738e48a
SHA256

49b1e084eb997c3087ad9c7c35ba7f76dec4fc74f6585d8b48fc2a43e114b5bb
SHA512

4377d077c01b825110dbd9e17f58bc4dd54ac004706a119763fa73506192aa9fe52945b556481a6dd52fe135042ea4a3a082b5e24a056b4f6f2123db9b5a8916
SSDEEP

98304:ia90wCNKq0MmXShTYQAZTAxh+FC0+nt26l14/4FyHTJCgi:P0FKqrnlnF8J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68eaaa2e80972d2d9ff7ce29f5905314_JaffaCakes118

Files

68eaaa2e80972d2d9ff7ce29f5905314_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7f5df663057b11d10b7fe2152fcef20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA

dinput8

DirectInput8Create

gdi32

GetObjectA
SelectPalette
RealizePalette
GetDIBits
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
BitBlt
AddFontResourceA
ExtTextOutA
CreateCompatibleBitmap
SetTextColor
SetBkColor
SetTextAlign
SetMapMode
DeleteDC
CreateCompatibleDC
CreateFontA
SelectObject
DeleteObject
GetStockObject
SetBkMode
SetROP2
EnumFontFamiliesA
GetTextExtentPoint32A
CreateDCA
CreateDIBSection
TextOutA

imm32

ImmReleaseContext
ImmGetContext
ImmIsIME
ImmAssociateContext
ImmSetStatusWindowPos

kernel32

GetModuleHandleA
WideCharToMultiByte
lstrlenW
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalReAlloc
GetTempFileNameA
SetThreadPriority
CreateEventA
GetSystemTime
WaitForSingleObject
SetEndOfFile
TerminateThread
SetLastError
GetCurrentProcess
VirtualFree
GetVersion
VirtualAlloc
IsBadReadPtr
GetCurrentThreadId
CopyFileA
GetWindowsDirectoryA
SetThreadAffinityMask
GetCurrentThread
CreateMutexA
GlobalMemoryStatus
CreateFileMappingA
MapViewOfFile
GetLocaleInfoW
SetEnvironmentVariableA
CreateThread
TerminateProcess
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetOEMCP
GetACP
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
GetStartupInfoA
MoveFileA
GetFileAttributesA
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
RaiseException
GetTimeZoneInformation
ExitProcess
RtlUnwind
InterlockedExchange
GetSystemDefaultLangID
CreateProcessA
GetExitCodeProcess
HeapFree
CreateFileW
UnmapViewOfFile
MultiByteToWideChar
GetProcAddress
OpenProcess
LoadLibraryA
FreeLibrary
GetPrivateProfileIntA
IsBadCodePtr
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
CreateDirectoryA
FindFirstFileA
FindClose
lstrcpynA
GetTickCount
lstrcpyA
GetLastError
lstrcatA
DeleteFileA
GetLocalTime
SetFilePointer
ReadFile
GetFileSize
GlobalAlloc
GlobalFree
GetModuleFileNameA
WriteFile
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExA
Sleep
MulDiv
CreateFileA
CloseHandle
lstrcmpA
EnterCriticalSection
LeaveCriticalSection
lstrlenA
SetCurrentDirectoryA
lstrcmpiA
SetStdHandle

oleaut32

SysAllocString
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
VariantChangeType
VariantClear
VariantInit

shell32

ShellExecuteA

user32

RegisterClassExA
FlashWindow
SetRect
PtInRect
BeginPaint
RegisterClassA
LoadCursorA
GetClassInfoA
RemovePropA
SetPropA
GetPropA
UnregisterClassA
TranslateMessage
IsRectEmpty
GetDoubleClickTime
LoadIconA
GetWindowRect
ClipCursor
DestroyWindow
GetCursor
SetCursor
EnumWindows
CharUpperA
IsWindowVisible
ReleaseDC
GetDC
SendMessageA
PeekMessageA
EndPaint
GetSystemMetrics
DispatchMessageA
SetActiveWindow
CopyRect
ScreenToClient
SetWindowLongA
CreateWindowExA
GetKeyboardLayout
CallWindowProcA
SetFocus
SetWindowTextA
MoveWindow
GetWindowTextA
CharLowerA
wsprintfA
MessageBoxA
GetActiveWindow
DefWindowProcA
GetClientRect
PostQuitMessage
ShowCursor
GetCursorPos
SetWindowPos
ChangeDisplaySettingsA
AdjustWindowRect
EnumDisplaySettingsA
GetWindowLongA
SetRectEmpty
EqualRect
GetAsyncKeyState
SetCursorPos
ClientToScreen
SetForegroundWindow
ShowWindow
GetParent
InvalidateRect
UpdateWindow
GetWindowThreadProcessId
GetClassNameA

winmm

PlaySoundA
timeGetTime

wsock32

send
ntohs
inet_ntoa
recv
ioctlsocket
htons
socket
WSAGetLastError
htonl
connect
WSAAsyncSelect
closesocket
WSACleanup
WSAStartup
gethostname
gethostbyname
inet_addr
ntohl
setsockopt
getsockname

d3d8

Direct3DCreate8

mss32

_AIL_set_redist_directory@4
_AIL_quick_startup@20
_AIL_quick_handles@12
_AIL_set_digital_master_room_type@8
_AIL_set_DirectSound_HWND@8
_AIL_enumerate_3D_providers@12
_AIL_open_3D_provider@4
_AIL_open_3D_listener@4
_AIL_set_3D_orientation@28
_AIL_set_3D_sample_loop_count@8
_AIL_quick_play@8
_AIL_start_3D_sample@4
_AIL_set_stream_position@8
_AIL_start_stream@4
_AIL_set_3D_position@16
_AIL_quick_set_volume@12
_AIL_quick_halt@4
_AIL_quick_shutdown@0
_AIL_pause_stream@8
_AIL_set_3D_sample_volume@8
_AIL_set_stream_volume_levels@12
_AIL_quick_status@4
_AIL_3D_sample_status@4
_AIL_stream_status@4
_AIL_file_read@8
_AIL_file_size@4
_AIL_file_type@8
_AIL_decompress_ASI@24
_AIL_WAV_info@8
_AIL_decompress_ADPCM@12
_AIL_quick_load_mem@8
_AIL_allocate_3D_sample_handle@4
_AIL_set_3D_sample_file@8
_AIL_open_stream@12
_AIL_set_stream_loop_count@8
_AIL_quick_unload@4
_AIL_release_3D_sample_handle@4
_AIL_close_stream@4
_AIL_mem_free_lock@4
_AIL_end_3D_sample@4

ole32

CoCreateInstance
CoUninitialize
CLSIDFromString
CoInitialize

Exports

Exports

fcEXP

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 274KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 271KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d7f5df663057b11d10b7fe2152fcef20

Headers

File Characteristics

Imports

advapi32

dinput8

gdi32

imm32

kernel32

oleaut32

shell32

user32

winmm

wsock32

d3d8

mss32

ole32

Exports

Exports

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.data Size: 274KB - Virtual size: 276KB

Size: 271KB - Virtual size: 1.8MB

.rsrc Size: 28KB - Virtual size: 28KB

.idata Size: 7KB - Virtual size: 8KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.data
Size: 274KB - Virtual size: 276KB

.rsrc
Size: 28KB - Virtual size: 28KB

.idata
Size: 7KB - Virtual size: 8KB