7037968699969dac5d9c26d4162e7188_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7037968699969dac5d9c26d4162e7188_JaffaCakes118
Size

2.2MB
MD5

7037968699969dac5d9c26d4162e7188
SHA1

d86e4cd80bc12b933eab73b3a0b027e6a1f1878d
SHA256

e56f4d60f666c3dc08cd0d7b92675775623ad942956f928905410e8709e65fe3
SHA512

107d6cff098f624b2eb39d22caf62853df8079a70f4c65304bf3bea0c1d9baa61cf7d8a7c5f43f4f3b8faff2fae4ff3893d987508f4dbfbc9cbef278dac4621b
SSDEEP

24576:w0bIHCWCqpkVEoA0BQtiRoJV7syi7dwH4K3RE7ciU7zLSXPAbPTkrf:voPHf0OlMwH4WurXPAbPT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7037968699969dac5d9c26d4162e7188_JaffaCakes118

Files

7037968699969dac5d9c26d4162e7188_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47393b0922a6f64621f49aa7adf34609

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\notts\projects\output\pc\motogp\motogp.pdb

Imports

binkw32

_BinkClose@4
_BinkDoFrame@4
_BinkOpen@8
_BinkCopyToBuffer@28
_BinkNextFrame@4

ws2_32

WSAGetLastError
WSAIoctl
WSAStartup
ioctlsocket
gethostname
select
setsockopt
WSACleanup
inet_ntoa
recvfrom
ntohl
htons
ntohs
sendto
bind
socket
closesocket
gethostbyname
inet_addr

dinput8

DirectInput8Create

kernel32

WaitForSingleObject
GetLocalTime
DeleteFileA
FindNextFileA
FindClose
RemoveDirectoryA
FindFirstFileA
CreateDirectoryA
GetOverlappedResult
GetFileSize
ReadFile
SetEndOfFile
CreateFileA
SetStdHandle
SetEvent
CreateEventA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
WaitForMultipleObjects
GetOEMCP
GetCPInfo
HeapAlloc
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetTimeZoneInformation
CompareStringA
IsBadCodePtr
SetEnvironmentVariableA
GlobalMemoryStatus
SetPriorityClass
SetErrorMode
GetUserDefaultLangID
GetPriorityClass
SetThreadPriority
GetThreadPriority
CreateMutexA
QueryPerformanceFrequency
SetFilePointer
RaiseException
CloseHandle
FlushFileBuffers
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitThread
ResumeThread
CreateThread
SetUnhandledExceptionFilter
IsBadReadPtr
GetACP
CompareStringW

user32

TranslateMessage
SendMessageA
GetClientRect
LoadIconA
PostQuitMessage
SetTimer
GetMessageA
SetCursor
SetWindowPlacement
DestroyWindow
ClientToScreen
GetWindowPlacement
MessageBoxA
SetCursorPos
CreateWindowExA
PeekMessageA
DefWindowProcA
SetWindowPos
GetWindowRect
GetDesktopWindow
RegisterClassA
LoadCursorA
AdjustWindowRect
UpdateWindow
MessageBoxW
ShowWindow
DispatchMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
GetUserNameA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

ole32

CoInitialize
CoUninitialize

d3d9

Direct3DCreate9

dsound

ord11

winmm

timeGetTime

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 120KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

47393b0922a6f64621f49aa7adf34609

Headers

File Characteristics

PDB Paths

Imports

binkw32

ws2_32

dinput8

kernel32

user32

advapi32

ole32

d3d9

dsound

winmm

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 364KB - Virtual size: 363KB

.data Size: 120KB - Virtual size: 2.0MB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 364KB - Virtual size: 363KB

.data
Size: 120KB - Virtual size: 2.0MB

.rsrc
Size: 10KB - Virtual size: 10KB