7717cd2d7ef1f5d243bbfbfefa8960dc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7717cd2d7ef1f5d243bbfbfefa8960dc_JaffaCakes118
Size

1.1MB
MD5

7717cd2d7ef1f5d243bbfbfefa8960dc
SHA1

77e20f574461f025519829e65bdf089b54c64195
SHA256

f1515625452d18289d965664a69b5a88b8da270feb5e45bf621fece411c3ce04
SHA512

d406f72806ba9c259d220e02865884e83f4f65d97272ebb94dc135e97a5f0b88829f326307822bd7f26cc97e2bf7002961c451b11c5e5f354e562ed4bb6d80e4
SSDEEP

24576:O5652Xt9c0Cf1iIJgzqnNZqcyBP15yQJWC/CAtuRGjNaxYHiV8TIm:O564P06KZqcOquCYj8xYClm

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SSF_012_beta_R1/SSF.exe
unpack001/SSF_012_beta_R1/SSFV_Encoder.dll
unpack001/SSF_012_beta_R1/SSFV_Reader.aui
unpack001/SSF_012_beta_R1/SSFa.exe
unpack001/SSF_012_beta_R1/ZIP_Decoder.dll

Files

7717cd2d7ef1f5d243bbfbfefa8960dc_JaffaCakes118
.zip
SSF_012_beta_R1/Readme.txt
SSF_012_beta_R1/SSF.exe
.exe windows:5 windows x86 arch:x86

9daa4564b363858598babeefb313f6c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ord6

comdlg32

GetOpenFileNameA

d3dcompiler_43

D3DReflect

d3d9

Direct3DCreate9

d3dx9_43

D3DXAssembleShader

dinput8

DirectInput8Create

gdi32

GetStockObject

imm32

ImmGetDefaultIMEWnd

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

user32

LoadCursorA
AdjustWindowRectEx
PostMessageA
ClientToScreen
SetCursor
GetMessageA
GetWindowRect
SetActiveWindow
CreateDialogParamA
SendDlgItemMessageA
SetForegroundWindow
LoadMenuA
SendMessageA
TranslateMessage
ShowCursor
CreateIcon
GetDlgItem
EndDialog
SetWindowPos
ShowWindow
SetMenu
ClipCursor
DispatchMessageA
UnhookWindowsHookEx
MapWindowPoints
UpdateWindow
EnableWindow
SetMenuItemInfoA
GetDlgItemTextA
DialogBoxParamA
DestroyIcon
MoveWindow
LoadStringA
GetAsyncKeyState
SetWindowTextA
SetDlgItemTextA
GetClientRect
GetMonitorInfoA
SetRect
DestroyWindow
RegisterClassExA
PostQuitMessage
MessageBoxA
CreateWindowExA
DefWindowProcA

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

kernel32

GetProcessHeap
SetEndOfFile
GetModuleHandleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
ReadFile
MultiByteToWideChar
RtlUnwind
RaiseException
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
TerminateThread
Sleep
GetProcAddress
LoadLibraryA
CloseHandle
SuspendThread
ResumeThread
CreateThread
FindFirstFileA
GetLastError
FindClose
FindNextFileA
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetEvent
GetCurrentThread
VirtualFree
GetPriorityClass
CreateEventA
GetFileAttributesA
CreateSemaphoreA
GetEnvironmentVariableA
SetThreadPriority
CreateDirectoryA
VirtualAlloc
ResetEvent
GetLocalTime
GetExitCodeThread
WaitForMultipleObjects
GetModuleFileNameA
DeleteCriticalSection
SetThreadAffinityMask
CreateFileA
GetDriveTypeA
GetLogicalDriveStringsA
DeviceIoControl
HeapFree
HeapAlloc
HeapReAlloc
DeleteFileA
GetCommandLineA
GetStartupInfoA
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 834KB - Virtual size: 834KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 421KB - Virtual size: 164.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SSF_012_beta_R1/SSFV_Encoder.dll
.dll windows:5 windows x86 arch:x86

ff7f71604d24f7bf38da075f5fb55945

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetStartupInfoA
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
CreateDirectoryA
GetLastError
CloseHandle
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

GetAvarageBitrate
GetFramePerSecond
Initialize
Release
WriteFrame

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SSF_012_beta_R1/SSFV_Reader.aui
.dll windows:5 windows x86 arch:x86

98e1bb14d523afbf42c3eaa48ce0dc8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetStartupInfoA
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateDirectoryA
GetLastError
CloseHandle
HeapAlloc
GetCurrentThreadId
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
LoadLibraryA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

GetInputPluginTable

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SSF_012_beta_R1/SSFa.exe
.exe windows:5 windows x86 arch:x86

9daa4564b363858598babeefb313f6c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ord6

comdlg32

GetOpenFileNameA

d3dcompiler_43

D3DReflect

d3d9

Direct3DCreate9

d3dx9_43

D3DXAssembleShader

dinput8

DirectInput8Create

gdi32

GetStockObject

imm32

ImmGetDefaultIMEWnd

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

user32

LoadCursorA
AdjustWindowRectEx
PostMessageA
ClientToScreen
SetCursor
GetMessageA
GetWindowRect
SetActiveWindow
CreateDialogParamA
SendDlgItemMessageA
SetForegroundWindow
LoadMenuA
SendMessageA
TranslateMessage
ShowCursor
CreateIcon
GetDlgItem
EndDialog
SetWindowPos
ShowWindow
SetMenu
ClipCursor
DispatchMessageA
UnhookWindowsHookEx
MapWindowPoints
UpdateWindow
EnableWindow
SetMenuItemInfoA
GetDlgItemTextA
DialogBoxParamA
DestroyIcon
MoveWindow
LoadStringA
GetAsyncKeyState
SetWindowTextA
SetDlgItemTextA
GetClientRect
GetMonitorInfoA
SetRect
DestroyWindow
RegisterClassExA
PostQuitMessage
MessageBoxA
CreateWindowExA
DefWindowProcA

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

kernel32

GetProcessHeap
SetEndOfFile
GetModuleHandleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
ReadFile
MultiByteToWideChar
RtlUnwind
RaiseException
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
TerminateThread
Sleep
GetProcAddress
LoadLibraryA
CloseHandle
SuspendThread
ResumeThread
CreateThread
FindFirstFileA
GetLastError
FindClose
FindNextFileA
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetEvent
GetCurrentThread
VirtualFree
GetPriorityClass
CreateEventA
GetFileAttributesA
CreateSemaphoreA
GetEnvironmentVariableA
SetThreadPriority
CreateDirectoryA
VirtualAlloc
ResetEvent
GetLocalTime
GetExitCodeThread
WaitForMultipleObjects
GetModuleFileNameA
DeleteCriticalSection
SetThreadAffinityMask
CreateFileA
GetDriveTypeA
GetLogicalDriveStringsA
DeviceIoControl
HeapFree
HeapAlloc
HeapReAlloc
DeleteFileA
GetCommandLineA
GetStartupInfoA
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 834KB - Virtual size: 834KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 421KB - Virtual size: 164.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SSF_012_beta_R1/ZIP_Decoder.dll
.dll windows:5 windows x86 arch:x86

964d90aba5b1693583539fc794b0916a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

InterlockedIncrement
GetLastError
DeleteFileA
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
RaiseException
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
MultiByteToWideChar
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
CloseHandle
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
CreateFileA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
SetEndOfFile
GetProcessHeap
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Exports

Exports

DecodeFile
DecodeFile2
DecodeMemory
DecodeMemory2
GetFileNumber
GetRealFileSize
GetRealFilename
Initialize
Release

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9daa4564b363858598babeefb313f6c5

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

d3dcompiler_43

d3d9

d3dx9_43

dinput8

gdi32

imm32

ole32

user32

winmm

kernel32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 834KB - Virtual size: 834KB

.data Size: 421KB - Virtual size: 164.8MB

.rsrc Size: 16KB - Virtual size: 16KB

ff7f71604d24f7bf38da075f5fb55945

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 3KB - Virtual size: 8.4MB

.reloc Size: 26KB - Virtual size: 25KB

98e1bb14d523afbf42c3eaa48ce0dc8d

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 3KB - Virtual size: 1.2MB

.reloc Size: 8KB - Virtual size: 7KB

9daa4564b363858598babeefb313f6c5

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

d3dcompiler_43

d3d9

d3dx9_43

dinput8

gdi32

imm32

ole32

user32

winmm

kernel32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 834KB - Virtual size: 834KB

.data Size: 421KB - Virtual size: 164.8MB

.rsrc Size: 16KB - Virtual size: 16KB

964d90aba5b1693583539fc794b0916a

Headers

File Characteristics

Imports

user32

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 834KB - Virtual size: 834KB

.data
Size: 421KB - Virtual size: 164.8MB

.rsrc
Size: 16KB - Virtual size: 16KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 8.4MB

.reloc
Size: 26KB - Virtual size: 25KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 1.2MB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 834KB - Virtual size: 834KB

.data
Size: 421KB - Virtual size: 164.8MB

.rsrc
Size: 16KB - Virtual size: 16KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.reloc
Size: 6KB - Virtual size: 6KB