6a418159ec4791879475c54ebccc1721_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a418159ec4791879475c54ebccc1721_JaffaCakes118
Size

127KB
MD5

6a418159ec4791879475c54ebccc1721
SHA1

41a29dbc951e38737a3389545844777d83b9cd18
SHA256

6e4c9dc3611085863a5a54dab81afd0cb12f1319e13b0a743dbcae0c456db174
SHA512

5ae20387f9bc20fc9b58600de45b3ab727a0879c861fa4296acd36f8bde3549e014500dad861b903d4ee5e5586cd256a30de2e81cf41fd82da19f9ae05aa2f1d
SSDEEP

3072:2GMBatp29gMac++viGVi/B+pnMz7f49r1cCHOaOrAUySTQJ:FMY+qK+yRVewMo9rMdySK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a418159ec4791879475c54ebccc1721_JaffaCakes118

Files

6a418159ec4791879475c54ebccc1721_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eebe968c8e924042830711f67cd2b168

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClientRect
SetWindowLongA
GetForegroundWindow
GetWindowDC
DefWindowProcA
IntersectRect
SetWindowPos
GetDC
IsZoomed
GetUserObjectInformationA
CreateIconIndirect
GetKeyState
LoadStringA
SetRect
ShowWindow
SetForegroundWindow
CloseDesktop
ReleaseDC
SetCursorPos
PtInRect
GetWindowThreadProcessId
PostMessageA
IsIconic
IsWindowVisible
KillTimer
wsprintfA
GetMonitorInfoA
GetWindowLongA
GetThreadDesktop
DestroyIcon
GetCursor
OffsetRect
OpenInputDesktop
SystemParametersInfoA
CallWindowProcA
ClientToScreen
IsWindow
GetCursorPos
EnumDisplaySettingsA
GetDesktopWindow
SetTimer
ChangeDisplaySettingsA
mouse_event
SendMessageA
GetSystemMetrics
SetCursor

winmm

timeEndPeriod
timeBeginPeriod

dhcpcsvc

DhcpAcquireParameters

activeds

ADsGetObject

gdi32

GdiEntry13
GetDIBits
GetRegionData
GetNearestColor
StretchBlt
CreateRectRgn
DeleteObject
CreateCompatibleDC
BitBlt
GetSystemPaletteEntries
GetRandomRgn
CreateDIBitmap
SelectObject
GetDeviceCaps
CreateCompatibleBitmap
CreateDIBSection
SetStretchBltMode
CreateDCA
GdiEntry1
DeleteDC
GetDeviceGammaRamp

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

msvcrt

_vsnprintf
sscanf
fwrite
realloc
_CxxThrowException
isalnum
__CxxFrameHandler
strchr
calloc
_CIpow
malloc
_snprintf
atoi
_purecall
__dllonexit
memmove
_strlwr
free
strstr
fopen
ceil
floor
sprintf
_stricmp
_adjust_fdiv
qsort
fflush
wcsrchr
_initterm
fclose
_onexit
_except_handler3

advapi32

RegCreateKeyExA
RegEnumValueA
RegSetValueExA
RegOpenKeyExA
GetSidSubAuthority
AddAccessAllowedAce
RegDeleteValueA
RegOpenKeyA
RegCloseKey
InitializeAcl
RegQueryInfoKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetLengthSid
InitializeSid
RegQueryValueExA
GetSidLengthRequired

d3d8thk

OsThunkD3dContextDestroy
OsThunkDdSetExclusiveMode
OsThunkDdCreateSurface
OsThunkDdQueryDirectDrawObject
OsThunkDdResetVisrgn
OsThunkDdGetDriverInfo
OsThunkDdEndMoCompFrame
OsThunkD3dValidateTextureStageState
OsThunkDdRenderMoComp
OsThunkDdCreateMoComp
OsThunkDdWaitForVerticalBlank
OsThunkDdCanCreateD3DBuffer
OsThunkDdReleaseDC
OsThunkDdDestroySurface
OsThunkDdAttachSurface
OsThunkDdDeleteSurfaceObject
OsThunkDdGetMoCompBuffInfo
OsThunkDdCreateSurfaceObject
OsThunkDdBlt
OsThunkDdGetMoCompGuids
OsThunkDdGetMoCompFormats
OsThunkDdLock
OsThunkD3dContextCreate
OsThunkDdSetGammaRamp
OsThunkDdDestroyMoComp
OsThunkDdCreateD3DBuffer
OsThunkDdFlipToGDISurface
OsThunkDdCanCreateSurface
OsThunkDdGetAvailDriverMemory
OsThunkDdGetScanLine
OsThunkDdUnlock
OsThunkDdGetDriverState
OsThunkDdDeleteDirectDrawObject
OsThunkD3dContextDestroyAll
OsThunkDdQueryMoCompStatus
OsThunkDdFlip
OsThunkD3dDrawPrimitives2
OsThunkDdBeginMoCompFrame
OsThunkDdDestroyD3DBuffer
OsThunkDdLockD3D
OsThunkDdGetInternalMoCompInfo
OsThunkDdUnlockD3D
OsThunkDdGetDC
OsThunkDdGetFlipStatus
OsThunkDdCreateSurfaceEx
OsThunkDdReenableDirectDrawObject
OsThunkDdGetBltStatus

kernel32

SetThreadPriority
VirtualProtect
MoveFileA
GetProcAddress
GetSystemInfo
ReadFile
Sleep
WriteFile
lstrcmpA
GetCurrentThreadId
SetUnhandledExceptionFilter
GetVersionExA
GetModuleHandleA
UnhandledExceptionFilter
OutputDebugStringA
GetSystemTimeAsFileTime
CreateEventA
GetTickCount
VerSetConditionMask
MultiByteToWideChar
CloseHandle
GetCurrentProcessId
GetTempPathA
LocalAlloc
InitializeCriticalSection
TlsAlloc
TransactNamedPipe
SetErrorMode
ConnectNamedPipe
TlsSetValue
EnterCriticalSection
lstrcpynA
InterlockedDecrement
LoadLibraryA
ResumeThread
QueryPerformanceFrequency
CreateThread
GetEnvironmentVariableA
InterlockedExchange
GetFileSize
GetSystemDirectoryA
DeleteFileA
CreateNamedPipeA
CreateSemaphoreA
GetLastError
GetPrivateProfileStringA
IsProcessorFeaturePresent
VirtualAlloc
CreateFileA
DisableThreadLibraryCalls
ReleaseSemaphore
InterlockedIncrement
FreeConsole
LeaveCriticalSection
WaitForSingleObject
PeekNamedPipe
ReleaseMutex
GetModuleFileNameA
VerifyVersionInfoA
GetNativeSystemInfo
GetProcessAffinityMask
InterlockedCompareExchange
WideCharToMultiByte
DebugBreak
OpenMutexA
WaitForMultipleObjects
CreateMutexA
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
SetNamedPipeHandleState
TlsGetValue
GetCurrentThread
FlushFileBuffers
DeleteCriticalSection
SetEvent
ExitThread
VirtualFree
FreeLibrary
LocalFree
WaitNamedPipeA
DisconnectNamedPipe
SetThreadAffinityMask

dinput

DirectInputCreateA

Sections

.textbss
Size: 78KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eebe968c8e924042830711f67cd2b168

Headers

File Characteristics

Imports

user32

winmm

dhcpcsvc

activeds

gdi32

version

msvcrt

advapi32

d3d8thk

kernel32

dinput

Sections

.textbss Size: 78KB - Virtual size: 448KB

.text Size: 512B - Virtual size: 448B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 7KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 808B

.rsrc Size: 39KB - Virtual size: 38KB

.textbss
Size: 78KB - Virtual size: 448KB

.text
Size: 512B - Virtual size: 448B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 7KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 808B

.rsrc
Size: 39KB - Virtual size: 38KB