78041023f7d224ef3e571fb021f991ec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

78041023f7d224ef3e571fb021f991ec_JaffaCakes118
Size

3.1MB
MD5

78041023f7d224ef3e571fb021f991ec
SHA1

95fbdb21a8bbe07908999a6fff92a2a15aa78dc2
SHA256

913ab43168f0efaefe810ff6bb5b78e0b9f927f1ed05cd310911c9e95a1cca4b
SHA512

498c934d109ea4f3399ee544b4e82e1a6b34efda4562cccebcd90f41b5a1dfdb22b2f7ae3e82e5c2949110ba99da8c59764774a3ec76a2c9352f46851a1d3077
SSDEEP

49152:ZjTYddQDAL7bJkkcM3APMJrR81RRLMkYdU44TnY:OdaMLJkkcLMJGFLpYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78041023f7d224ef3e571fb021f991ec_JaffaCakes118

Files

78041023f7d224ef3e571fb021f991ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c960846a2aa544451685023ea0293f8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\FRANCE\Building\GAME\Release\GAME.pdb

Imports

ijl15

ord3
ord2
ord5

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

timeGetTime

ws2_32

send
WSAAsyncSelect
connect
setsockopt
inet_addr
htons
socket
WSAStartup
recv
WSAGetLastError
closesocket

dinput8

DirectInput8Create

dsound

ord11

ddraw

DirectDrawCreate

kernel32

OutputDebugStringA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
HeapFree
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
lstrlenW
MulDiv
FlushInstructionCache
GetCurrentProcess
HeapAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
GetCurrentThreadId
CompareStringA
GetSystemDirectoryA
FindClose
FindFirstFileA
CreateDirectoryA
SetCurrentDirectoryA
WaitForSingleObjectEx
CreateThread
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
GetTimeZoneInformation
SetEndOfFile
SetStdHandle
GetStdHandle
WaitForSingleObject
GetCPInfo
GetOEMCP
HeapSize
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetDateFormatA
GetTimeFormatA
SetEnvironmentVariableA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
WriteFile
GetStartupInfoA
HeapReAlloc
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitThread
GetSystemTimeAsFileTime
ReadFile
ExitProcess
RemoveDirectoryA
MoveFileA
GetFileType
SetFilePointer
RtlUnwind
CopyFileA
SetUnhandledExceptionFilter
GetCurrentProcessId
IsBadReadPtr
FormatMessageA
LocalFree
GetCommandLineA
GetComputerNameA
GetUserDefaultUILanguage
GetUserDefaultLangID
EnumResourceLanguagesA
GetStringTypeW
IsBadCodePtr
CreateEventA
SetEvent
LeaveCriticalSection
EnterCriticalSection
EnumSystemLocalesA
GetLocalTime
GetTickCount
WritePrivateProfileStringA
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleW
DeleteFileA
GetCurrentDirectoryA
CreateMutexA
GetLastError
Sleep
CreateProcessA
OpenProcess
IsValidLocale
IsValidCodePage
GetLocaleInfoW
CompareStringW
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileW
UnmapViewOfFile
WinExec
IsDBCSLeadByteEx
IsDBCSLeadByte
VirtualQuery
GetVersionExA
GlobalMemoryStatus
GetPrivateProfileStringA
GetModuleHandleA
GetFileAttributesA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
lstrcpynA
CreateFileA
CloseHandle
lstrcpyA
lstrlenA
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetUserDefaultLCID
LCMapStringA
GetStringTypeA
IsProcessorFeaturePresent
InterlockedCompareExchange

user32

GetKeyState
OpenClipboard
GetClipboardData
CloseClipboard
GetKeyboardLayout
ShowCursor
SetCursorPos
ClientToScreen
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetClassInfoExA
CreateAcceleratorTableA
CharNextA
GetParent
GetClassNameA
RedrawWindow
IsWindow
GetFocus
IsChild
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetSysColor
GetWindowLongA
SetWindowLongA
GetKeyboardState
keybd_event
SendMessageA
GetCursorPos
ScreenToClient
SetWindowPos
SetRectEmpty
SetRect
GetAsyncKeyState
PeekMessageW
DispatchMessageW
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
FindWindowA
GetWindowThreadProcessId
UpdateWindow
GetMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetDlgItem
SetFocus
GetSystemMetrics
SetCursor
DestroyWindow
PostQuitMessage
ShowWindow
GetWindowRect
MoveWindow
DefWindowProcA
DefWindowProcW
PeekMessageA
TranslateMessage
DispatchMessageA
UnregisterClassA
wsprintfA
MessageBoxW
PostMessageA
MessageBoxA
GetMonitorInfoA
EnumDisplayMonitors
LoadStringA
GetWindow

gdi32

ExtTextOutA
CreateFontIndirectA
GetFontLanguageInfo
MoveToEx
GetObjectW
GetGlyphOutlineA
SetTextAlign
GetTextMetricsA
CreateFontIndirectW
GetCharacterPlacementA
GetTextMetricsW
SetBkMode
CreateDIBSection
SetMapMode
SetTextColor
SetBkColor
CreateFontA
GetDIBits
GetDeviceGammaRamp
SetDeviceGammaRamp
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
DeleteObject
CreateDCA
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A
DeleteDC
ExtTextOutW
GetCharacterPlacementW

advapi32

RegQueryInfoKeyA
RegOpenKeyA
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
OleLockRunning
OleInitialize
OleUninitialize
CoUninitialize
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc
CoCreateInstance

oleaut32

LoadTypeLi
SysStringLen
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
VariantInit
VarUI4FromStr
SysFreeString
SysAllocString
SysAllocStringLen

imm32

ImmReleaseContext
ImmGetContext
ImmGetIMEFileNameA
ImmGetOpenStatus
ImmGetConversionStatus
ImmIsIME
ImmSetConversionStatus
ImmAssociateContext
ImmSetCompositionWindow
ImmGetProperty
ImmGetCompositionStringW
ImmGetCandidateListW
ImmNotifyIME

d3d9

Direct3DCreate9

Sections

.text
Size: 2.7MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 27.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c960846a2aa544451685023ea0293f8f

Headers

File Characteristics

PDB Paths

Imports

ijl15

version

winmm

ws2_32

dinput8

dsound

ddraw

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

imm32

d3d9

Sections

.text Size: 2.7MB - Virtual size: 2.6MB

.rdata Size: 304KB - Virtual size: 302KB

.data Size: 68KB - Virtual size: 27.3MB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 2.7MB - Virtual size: 2.6MB

.rdata
Size: 304KB - Virtual size: 302KB

.data
Size: 68KB - Virtual size: 27.3MB

.rsrc
Size: 48KB - Virtual size: 46KB