a3e446f8ba33e1cdfff08a82f0b43ad4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3e446f8ba33e1cdfff08a82f0b43ad4_JaffaCakes118
Size

1.4MB
MD5

a3e446f8ba33e1cdfff08a82f0b43ad4
SHA1

aaa7a151d6d1ee835e5acce06f3ec1a38aa6381d
SHA256

c80b4bbafbbf112e480531ad2685491f86e0fed0546f706145c4dd3cd20f9319
SHA512

f2f8a7cb5dddfec65f055810395d2a83a11948170a1ae32e21777e37ff2f59fa9759a9925eb37ff89159e15e9f50ac9e6aec267a74b04db31db5f3e4750a8497
SSDEEP

24576:vW/Y6r6DxdcSHggaiSTNu4+6vRvot9mB9ZbX1CN/2j4sLlMP:erGdYgaiK/v9Z4/2jB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3e446f8ba33e1cdfff08a82f0b43ad4_JaffaCakes118

Files

a3e446f8ba33e1cdfff08a82f0b43ad4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e4bb45b5d72dae558421de54809bea1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Saqqarah\Build_Scripts\msvc2005\Release DXSaqqarah_DX.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

gdi32

GetStockObject
Rectangle
SelectObject
SetROP2

j2k-codec

_J2K_Close@4
_J2K_Decode@20
_J2K_GetInfoEx@8
_J2K_GetResolutionDimensionsByStr@16
_J2K_OpenCustom@8
_J2K_Unlock@4
_J2K_getErrorStr@4
_J2K_getLastError@0

kernel32

Beep
CloseHandle
CreateDirectoryA
CreateFileA
CreateMutexA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesExA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatA
GetUserDefaultLCID
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LockResource
MoveFileA
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile

openal32

alBufferData
alDeleteBuffers
alDeleteSources
alGenBuffers
alGenSources
alGetEnumValue
alGetError
alGetSourcei
alSource3f
alSourcePause
alSourcePlay
alSourceQueueBuffers
alSourceStop
alSourceUnqueueBuffers
alSourcef
alSourcei
alcCloseDevice
alcCreateContext
alcDestroyContext
alcGetString
alcMakeContextCurrent
alcOpenDevice

shell32

ExtractIconA
ShellExecuteA

shlwapi

PathRemoveFileSpecA

user32

ClipCursor
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetClassInfoExA
GetClientRect
GetCursorPos
GetDesktopWindow
GetForegroundWindow
GetSystemMetrics
GetWindowDC
LoadCursorA
MessageBoxA
PeekMessageA
PostQuitMessage
RegisterClassExA
ReleaseCapture
ScreenToClient
SendMessageA
SetCapture
SetCursor
SetTimer
SetWindowLongA
SetWindowPos
TrackMouseEvent
TranslateMessage

winmm

timeBeginPeriod
timeGetTime

Sections

.text
Size: 1016KB - Virtual size: 1015KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e4bb45b5d72dae558421de54809bea1

Headers

File Characteristics

PDB Paths

Imports

advapi32

gdi32

j2k-codec

kernel32

openal32

shell32

shlwapi

user32

winmm

Sections

.text Size: 1016KB - Virtual size: 1015KB

.rdata Size: 156KB - Virtual size: 155KB

.data Size: 136KB - Virtual size: 162KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 1016KB - Virtual size: 1015KB

.rdata
Size: 156KB - Virtual size: 155KB

.data
Size: 136KB - Virtual size: 162KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 132KB - Virtual size: 129KB