ae38e501da2efdb52fc3b58d66f27a52_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ae38e501da2efdb52fc3b58d66f27a52_JaffaCakes118
Size

2.6MB
MD5

ae38e501da2efdb52fc3b58d66f27a52
SHA1

d7ee47202a9da8292531f2b23444887d6f04d914
SHA256

a30bb69661d0b0336e7a9645fe45dd3e62683d8b6cecd2def4ce317ae392abea
SHA512

20fd2f5c26bf62c9d294856f64b2b615a802eb29d6ae98402347463b16b2ee4c341282da16cf06f67280a425d18335a2ca493314619b503e55dcc871b8015972
SSDEEP

49152:6IFNUSQ0aglZLzkSxTds6K9c0WTwIkv08pExXJMLL+37COaaAp5:6wjadGTdsB9clw7Ly7XaaAp5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae38e501da2efdb52fc3b58d66f27a52_JaffaCakes118

Files

ae38e501da2efdb52fc3b58d66f27a52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bb6f3e83eeb91f726c15d70dbc24315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8

Direct3DCreate8

dinput8

DirectInput8Create

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod

kernel32

GetTempFileNameA
GetTempPathA
GetTickCount
CloseHandle
SetEvent
ResetEvent
ResumeThread
CreateEventA
SuspendThread
MultiByteToWideChar
WaitForMultipleObjects
WaitForSingleObject
CreateThread
GetVersionExA
IsBadReadPtr
PulseEvent
lstrcpyA
GetCurrentThreadId
ExitThread
TerminateThread
FormatMessageA
GetLastError
ReadFile
WriteFile
SetFilePointer
GetFileSize
CreateFileA
LocalFree
GetSystemInfo
LockResource
SizeofResource
LoadResource
FindResourceA
GetFullPathNameA
FindClose
FindFirstFileA
GetModuleFileNameA
GetCurrentDirectoryA
MulDiv
IsProcessorFeaturePresent
DebugBreak
GetProcessHeap
HeapCompact
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
SetPriorityClass
SetCurrentDirectoryA
OutputDebugStringA
Sleep
FreeLibrary
DeleteFileA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetStartupInfoA
SetThreadPriority
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadCodePtr
IsBadWritePtr
CreateDirectoryA
GetUserDefaultLangID
WideCharToMultiByte
OpenProcess
GetThreadPriority
GetCurrentThread
GetPriorityClass
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
OpenFileMappingA
GetCurrentProcessId
GetSystemDirectoryA
CreateProcessA
WriteProcessMemory
SearchPathA
HeapSize
ReleaseMutex
CreateMutexA
CreateSemaphoreA
ReleaseSemaphore
FindNextFileA
GetWindowsDirectoryA
SystemTimeToFileTime
FileTimeToSystemTime
SetFileTime
GetVolumeInformationA
DeviceIoControl
VirtualProtectEx
SetLastError
GetDriveTypeA
QueryDosDeviceA
GetDiskFreeSpaceExA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FlushFileBuffers
RaiseException
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

user32

BeginPaint
DefWindowProcA
IsIconic
ShowWindow
SendMessageTimeoutA
AdjustWindowRect
SetWindowPos
SetCursor
ShowCursor
GetKeyboardState
ToAscii
SetFocus
ClipCursor
GetAsyncKeyState
PostQuitMessage
LoadStringA
LoadIconA
LoadCursorA
RegisterClassA
GetDesktopWindow
GetWindowRect
CreateWindowExA
LoadImageA
SendMessageA
PeekMessageA
TranslateMessage
SetCursorPos
DispatchMessageA
DestroyWindow
MessageBoxA
EndPaint
wsprintfA
LoadCursorFromFileA
SetSystemCursor
CopyImage
InvalidateRect
UnregisterClassA

gdi32

CreateDIBSection
DeleteObject
SelectObject
SetTextCharacterExtra
GetTextCharacterExtra
GetTextExtentPoint32A
DeleteDC
TextOutA
Rectangle
CreateFontA
SetBkColor
SetBkMode
SetTextColor
CreateCompatibleDC
RemoveFontResourceA
CreateFontIndirectA
AddFontResourceA
GetGlyphOutlineA
GetTextFaceA
GdiFlush
GetTextMetricsA
SetMapMode
GetStockObject
BitBlt
StretchBlt
SetStretchBltMode
CreateBitmap
CreateCompatibleBitmap
RectVisible
StretchDIBits

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
ControlService
QueryServiceConfigA
QueryServiceStatus
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
DeleteService
CloseServiceHandle
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msvcp71

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

msvcr71

_stat
_mbscmp
_mbsicmp
_mbsinc
_CIpow
qsort
malloc
free
time
strncat
_splitpath
atol
_stricmp
_finite
_ftol
exit
??1type_info@@UAE@XZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
_controlfp
_strnicmp
_strupr
realloc
fopen
fclose
fgetc
atoi
atof
strchr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
__CxxFrameHandler
_purecall
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strncpy
memmove
_vsnprintf
isspace
fread
ftell
fseek
_setjmp3
tolower
sscanf
isdigit
fprintf
_isnan
fgets
fputc
fputs
_findclose
fwrite
_findfirst
_findnext
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
longjmp
fflush
rand
isalnum
floor
_CIsqrt
wcscmp
wcscpy
wcsncpy
wcstombs
wcscat
wcslen
_CIacos
_beginthreadex
_CIfmod
strrchr
sprintf
toupper
clock
strstr
srand

wsock32

WSASetLastError
inet_ntoa
WSAGetLastError
ioctlsocket
htons
getsockname
bind
setsockopt
closesocket
socket
WSAStartup
htonl
gethostbyname
gethostname
ntohs
ntohl
recvfrom
sendto
select
WSACleanup

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

LTGetILTMemory
SetMasterDatabase

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rjes
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.obfzv
Size: 720KB - Virtual size: 719KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bb6f3e83eeb91f726c15d70dbc24315

Headers

File Characteristics

Imports

d3d8

dinput8

winmm

kernel32

user32

gdi32

advapi32

ole32

msvcp71

msvcr71

wsock32

version

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 120KB - Virtual size: 117KB

.data Size: 116KB - Virtual size: 200KB

.data1 Size: 4KB - Virtual size: 2KB

.rjes Size: 276KB - Virtual size: 276KB

.obfzv Size: 720KB - Virtual size: 719KB

.idata Size: 12KB - Virtual size: 8KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 120KB - Virtual size: 117KB

.data
Size: 116KB - Virtual size: 200KB

.data1
Size: 4KB - Virtual size: 2KB

.rjes
Size: 276KB - Virtual size: 276KB

.obfzv
Size: 720KB - Virtual size: 719KB

.idata
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 24KB - Virtual size: 23KB