ae8d4b67716ce67bc9224ed78f22eb9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae8d4b67716ce67bc9224ed78f22eb9d_JaffaCakes118
Size

260KB
MD5

ae8d4b67716ce67bc9224ed78f22eb9d
SHA1

663524758fded6bd8f88cdc4462d2a82c70bb17d
SHA256

44ca99c1fee5f6cbda3b264f84074ce256fc34ab55e584d7e70b92285656908e
SHA512

354cbefd977d7e86007ccb73dca71b9e13aa9409a282e468abf6080ad99c2ad2ad0b7de582f0016314263f624ea0f1b0498adcd271c61a77414366e5c95353ee
SSDEEP

6144:dZtXi/IVjw0iAViIL/ak6AK61jkfyuDJNQz1yS3B:btXi/IVE0iAViILq8kfyuNNZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae8d4b67716ce67bc9224ed78f22eb9d_JaffaCakes118

Files

ae8d4b67716ce67bc9224ed78f22eb9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aee09305046d055ca775a719c466097a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
RtlUnwind
ExitThread
TlsSetValue
GetCurrentThreadId
CreateThread
GetCurrentProcess
TerminateProcess
ExitProcess
GetTimeZoneInformation
WideCharToMultiByte
DeleteFileA
RaiseException
HeapFree
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetVersion
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVolumeInformationA
OutputDebugStringA
SetThreadPriority
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle
SetErrorMode
GetLastError
LoadLibraryA
GetProcAddress
LCMapStringA
LCMapStringW
GetModuleFileNameA
CreateDirectoryA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
FreeLibrary
CreateFileA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
HeapSize
SetFilePointer
ReadFile
WriteFile
GetFileType
GetStdHandle
Sleep
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapAlloc

user32

FindWindowA
CopyImage
LoadImageA
GetDlgItem
EnableWindow
CallWindowProcA
GetCapture
BeginPaint
EndPaint
GetWindowRect
GetClientRect
SetWindowRgn
CreateDialogParamA
GetDC
SetWindowLongA
PostQuitMessage
InvalidateRect
SendMessageA
LoadIconA
LoadCursorA
SetWindowPos
DestroyWindow
DispatchMessageA
PeekMessageA
TranslateMessage
CreateWindowExA
ShowWindow
UpdateWindow
DefWindowProcA
RegisterClassExA
MessageBoxA

gdi32

DeleteObject
CreateRoundRectRgn
CreateCompatibleBitmap
GetObjectA
GetCurrentObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoCreateGuid
CoInitialize

oleaut32

SysAllocString
SysStringLen
SysFreeString
OleLoadPicture

wsock32

WSAStartup
closesocket
shutdown
WSAGetLastError
connect
inet_ntoa
socket
htonl
WSACleanup
listen
bind
ntohl
accept
ntohs
recv
send
setsockopt
gethostname
htons
select
__WSAFDIsSet
gethostbyname
sendto
recvfrom

iphlpapi

GetAdaptersInfo

comctl32

ord17

winmm

timeGetTime

fmod

_FSOUND_Stream_Net_GetStatus@20
_FSOUND_Stream_PlayEx@16
_FSOUND_Close@0
_FSOUND_Stream_Close@4
_FSOUND_Stream_Open@16
_FSOUND_Stream_Net_SetBufferProperties@12
_FSOUND_Stream_SetBufferSize@4
_FSOUND_GetError@0
_FSOUND_Init@12
_FSOUND_GetVersion@0
_FSOUND_SetFrequency@8
_FSOUND_Stream_GetMode@4
_FSOUND_GetFrequency@4
_FSOUND_GetOutputRate@0
_FSOUND_Stream_GetOpenState@4
_FSOUND_SetPaused@8
_FSOUND_SetVolume@8
_FSOUND_SetSFXMasterVolume@4
_FSOUND_SetPan@8

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aee09305046d055ca775a719c466097a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wsock32

iphlpapi

comctl32

winmm

fmod

Sections

.text Size: 216KB - Virtual size: 214KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 28KB - Virtual size: 53KB

.rsrc Size: 4KB - Virtual size: 424B

.text
Size: 216KB - Virtual size: 214KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 28KB - Virtual size: 53KB

.rsrc
Size: 4KB - Virtual size: 424B