aff87bd2f8d77798be09693de40234e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aff87bd2f8d77798be09693de40234e9_JaffaCakes118
Size

794KB
MD5

aff87bd2f8d77798be09693de40234e9
SHA1

c67e4c7d5608dcd2bfd83943c07585aa44bfd050
SHA256

24affe13f08d000f25bc51acb0e6ca4f7f69a369da1793a7c78a6bb5cb16d84c
SHA512

808becdd576c2c396e0bdb9ade6f00d08a5d4e2302979a7e5a78e07ad28bf15fed2f043cf149be8a9357b45243d644a4e97cd63c2824a089bd4d81d5970b7fbc
SSDEEP

24576:O90MA33VszEnM0YyKiwQe0/itsT9+rtUx:Oo33LBdoBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aff87bd2f8d77798be09693de40234e9_JaffaCakes118

Files

aff87bd2f8d77798be09693de40234e9_JaffaCakes118
.exe windows:6 windows x86 arch:x86

42dfb88b812097aefa53a47d8eaddb65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

MineSweeper.pdb

Imports

kernel32

LoadLibraryExA
InterlockedCompareExchange
FreeLibrary
GetLastError
GetProcAddress
DelayLoadFailureHook
FindResourceW
LoadResource
LockResource
GetTickCount
CreateFileW
IsProcessorFeaturePresent
GetSystemInfo
UnmapViewOfFile
CreateFileA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OutputDebugStringA
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
HeapSetInformation
lstrcmpW
CreateThread
GetModuleHandleW
LocalFree
LoadLibraryExW
WideCharToMultiByte
FreeResource
GetDateFormatW
InterlockedExchange
Sleep
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LoadLibraryW
GetVersionExW
QueryPerformanceFrequency
ExitProcess
SleepEx
OutputDebugStringW
SetCurrentDirectoryW
GetModuleFileNameW
RegisterApplicationRestart
GetCommandLineW
CreateMutexW
MultiByteToWideChar
RaiseException
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
MulDiv
SetLastError
GlobalDeleteAtom
GlobalAddAtomW
DeleteFileW
GetCurrentDirectoryW
GetFileSize
ReadFile
WriteFile
SetFilePointer
MoveFileExW
GetFileAttributesW
CreateDirectoryW
InterlockedIncrement
InterlockedDecrement
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
SizeofResource
WaitForSingleObject
CreateEventW
FormatMessageW
LocalAlloc
GetThreadLocale
FindResourceExW
WriteConsoleW
GetFileType
GetStdHandle
DebugBreak
GetTickCount64

user32

SetDlgItemTextW
GetFocus
PostMessageW
EnableWindow
SetDlgItemInt
GetDlgItem
SendDlgItemMessageW
SetWindowTextW
GetKeyState
SendMessageW
LoadStringW
PostQuitMessage
LoadMenuW
GetMenu
DestroyMenu
GetClientRect
GetWindowRect
NotifyWinEvent
GetCursorPos
GetSystemMetrics
GetDoubleClickTime
MonitorFromWindow
SetRect
ShowCursor
SetWindowPos
KillTimer
IsIconic
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
PeekMessageW
SetTimer
DestroyWindow
UnhookWindowsHookEx
LoadAcceleratorsW
RegisterRawInputDevices
SetForegroundWindow
BringWindowToTop
FindWindowW
GetClassInfoExW
LoadCursorW
SetMenuInfo
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
TrackPopupMenu
FillRect
GetSysColor
EqualRect
UnionRect
GetMonitorInfoW
MonitorFromRect
CheckDlgButton
SetWindowPlacement
IsWindowVisible
GetWindowPlacement
SetClassLongW
SetCursor
CallNextHookEx
OffsetRect
LoadIconW
EnumDisplayMonitors
ReleaseDC
GetDC
RedrawWindow
DefWindowProcW
SetCapture
TrackMouseEvent
IsRectEmpty
IntersectRect
GetRawInputData
GetForegroundWindow
DrawFrameControl
PtInRect
ScreenToClient
ReleaseCapture
EndPaint
GetSysColorBrush
BeginPaint
RegisterClassExW
CreateWindowExW
GetSubMenu
SetPropW
SetWindowsHookExW
RegisterClassW
RegisterWindowMessageW
DrawTextW
CallWindowProcW
AdjustWindowRect
GetIconInfo
GetProcessDefaultLayout
MessageBoxW
GetWindow
GetClassNameW
GetNextDlgGroupItem
SetFocus
GetDlgCtrlID
EndDialog
GetWindowTextW
MapWindowPoints
DrawEdge
IsWindowEnabled
EnumChildWindows
SetWindowRgn
IsDialogMessageW
GetNextDlgTabItem
CreateDialogParamW
CreateDialogIndirectParamW
DialogBoxParamW
SetMenu
DrawMenuBar
SystemParametersInfoW
InvalidateRect
EnableMenuItem
GetParent
SetWindowLongW
GetWindowLongW
IsDlgButtonChecked
UnregisterClassA
IsZoomed
ShowWindow
SendInput

msvcrt

_CIlog
qsort
_ftol2
_vsnwprintf_s
?_set_new_mode@@YAHH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
wcscat_s
memmove
wcsncmp
strncmp
_errno
_snwprintf_s
_vscwprintf
wcsspn
wcscspn
_controlfp
_except_handler4_common
?terminate@@YAXXZ
_onexit
memmove_s
_wcsnicmp
_localtime64_s
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
malloc
_callnewh
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
srand
memcpy
mbstowcs_s
wcstombs_s
_wcstoui64
_wcsicmp
wcstod
wcstol
wcstoul
swprintf_s
_wtoi
wcsncpy_s
_purecall
_time64
memset
wcscpy_s
wcschr
rand
time
_CIsqrt
floor
_CIcos
__CxxFrameHandler3
_ftol2_sse
realloc
free
_CIacos
_CIatan2
_CIsin
_finite
_strdup
setlocale
iswpunct
iswdigit
iswalpha
iswspace

ntdll

WinSqmAddToStream
WinSqmIncrementDWORD

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

shell32

ShellAboutW
ShellExecuteW
SHGetFolderPathEx
CommandLineToArgvW
SHGetFolderPathW
SHSetLocalizedName

advapi32

GetUserNameW

gdi32

GetCharacterPlacementA
GetCharacterPlacementW
CreateDIBSection
GetFontLanguageInfo
CreateFontIndirectA
SetTextAlign
SetMapMode
ExtTextOutA
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
RemoveFontResourceW
GetTextMetricsW
CreateRoundRectRgn
GetObjectA
CreatePen
Rectangle
GetBkColor
GetTextColor
DeleteDC
SaveDC
RestoreDC
CreateFontW
CreateSolidBrush
CreateFontIndirectW
PatBlt
DeleteObject
ExtTextOutW
CreateCompatibleDC
CreateBitmap
BitBlt
ExcludeClipRect
GetTextExtentPoint32W
GetDeviceCaps
SelectObject
SetTextColor
SetBkColor
SetBkMode
GetStockObject
AddFontResourceW
MoveToEx

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString
SysStringLen

shlwapi

PathCombineW
PathFileExistsW

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_Add
ImageList_Destroy

gdiplus

GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCreateRegionHrgn
GdipSetClipRegion
GdipSetClipRectI
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipMeasureString
GdipFillRegion
GdipFillRectangleI
GdipDrawRectangleI
GdipDrawRectangle
GdipDrawLineI
GdipReleaseDC
GdipGetDC
GdipCreateFromHDC
GdipSetStringFormatHotkeyPrefix
GdipSetPenDashStyle
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipDeleteBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFont
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCreateSolidFill
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipDrawString
GdipDrawImageRectI
GdipCloneBrush
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreatePen1
GdipDeletePen
GdipDeleteRegion
GdipImageRotateFlip
GdipSetImageAttributesWrapMode
GdipCreateLineBrushFromRectI

secur32

GetUserNameExW

d3d9

Direct3DCreate9

dsound

ord11

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

oleacc

AccessibleObjectFromWindow
AccessibleChildren
CreateStdAccessibleProxyW
LresultFromObject

xinput9_1_0

XInputSetState
XInputGetState

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

slc

SLGetWindowsInformationDWORD

usp10

ScriptItemize
ScriptBreak

Sections

.text
Size: 499KB - Virtual size: 499KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42dfb88b812097aefa53a47d8eaddb65

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcrt

ntdll

ole32

shell32

advapi32

gdi32

oleaut32

shlwapi

comctl32

gdiplus

secur32

d3d9

dsound

winmm

oleacc

xinput9_1_0

wtsapi32

slc

usp10

Sections

.text Size: 499KB - Virtual size: 499KB

.data Size: 106KB - Virtual size: 123KB

.rsrc Size: 153KB - Virtual size: 153KB

.reloc Size: 33KB - Virtual size: 33KB

.text
Size: 499KB - Virtual size: 499KB

.data
Size: 106KB - Virtual size: 123KB

.rsrc
Size: 153KB - Virtual size: 153KB

.reloc
Size: 33KB - Virtual size: 33KB