b099582808cc2166030dbc44c334a7af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b099582808cc2166030dbc44c334a7af_JaffaCakes118
Size

2.0MB
MD5

b099582808cc2166030dbc44c334a7af
SHA1

6c3b72f72b4706d2a905a15e9ad88cececa2cf35
SHA256

455f8082de3e2e90ee255e7d7af0c900338541d7a7a3c8f2d6b0e075238a0629
SHA512

9a38c403799d5aa98f079ed3bc9f8c7941280068fc3ac9d9a798051179076c6c5317fc27677c6f4c01c931d6d20154b79072002c793006bf8a901664bc80b89e
SSDEEP

24576:zhGHSzLE5JOpu9x59OkfH3VOHlfKjYKHy/+nnzN8WDD2qoLmNUorkq0:MH4Ex1v3VYf0YKLnx86D2IdgR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b099582808cc2166030dbc44c334a7af_JaffaCakes118

Files

b099582808cc2166030dbc44c334a7af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1037aa78a2b93fb5494305f956d8f13b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

smackw32

ord28
ord14
ord38
ord21
ord18
ord19
ord23
ord32

dplayx

ord1
ord2
ord4

winmm

auxSetVolume
mmioSetInfo
mmioSeek
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose
timeGetTime
mciSendStringA
mciGetErrorStringA
mciSendCommandA
auxGetNumDevs
auxGetDevCapsA
mmioGetInfo
mmioAdvance

mfc40

ord2086
ord4608
ord5647
ord3837
ord4656
ord3890
ord3314
ord3922
ord2323
ord1785
ord5649
ord3267
ord4510
ord4296
ord1493
ord1850
ord4691
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord3578
ord1540
ord3346
ord3340
ord2694
ord2140
ord4101
ord3345
ord719
ord503
ord4676
ord3715
ord4186
ord2081
ord662
ord421
ord3985
ord4704
ord3761
ord5648
ord3963
ord2234
ord2197
ord5070
ord965
ord4627
ord2097
ord2909
ord2696
ord3580
ord3579
ord4719
ord4703
ord4096
ord3906
ord3259
ord504
ord549
ord3913
ord4635
ord292
ord873
ord4714
ord5363
ord4165
ord5053
ord3431
ord2390
ord1583
ord3727
ord4163
ord2675
ord2681
ord5612
ord2195
ord2224
ord4659
ord5079
ord1510
ord4934
ord2774
ord5005
ord3902
ord4407
ord4316
ord2100
ord3870
ord3007
ord2789
ord5385
ord5470
ord4097
ord3908
ord578
ord325
ord4282
ord1599
ord3731
ord2388
ord2091
ord2676
ord4545
ord4548
ord3947
ord3790
ord2913
ord4463
ord862
ord4845
ord2962
ord2528
ord2527
ord3647
ord3577
ord4653
ord4696
ord2324
ord1445
ord3917
ord3268
ord1494
ord3909
ord600
ord351
ord3606
ord1090
ord4499
ord3896
ord3822
ord483
ord1021
ord2557
ord4414
ord4417
ord4000
ord4005
ord4002
ord4019
ord4021
ord4007
ord4348
ord3833
ord3826
ord4521
ord4350
ord3853
ord4357
ord4064
ord4065
ord3760
ord265
ord1700
ord5492
ord2515
ord1041
ord5676
ord479
ord4623
ord4840
ord1733
ord704
ord762
ord1035
ord1014
ord486
ord3656
ord706
ord729
ord469
ord721
ord731
ord3655
ord2299
ord4713
ord4715
ord4668
ord1368

msvcrt40

?terminate@@YAXXZ
_exit
_XcptFilter
__p__acmdln
_initterm
_except_handler3
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__dllonexit
free
malloc
_purecall
fopen
fprintf
fwrite
fclose
printf
_strtime
_findclose
_findnext
_findfirst
time
atoi
memcpy
_stat
strlen
strcpy
strcat
memset
_ftol
__p___mb_cur_max
_isctype
__p__pctype
strncpy
_strnicmp
tolower
exit
toupper
strstr
vsprintf
_stricmp
strncat
__CxxFrameHandler
sprintf
strncmp
sscanf
_setmbcp
_close
_lseek
_read
_open
_onexit

kernel32

GetLogicalDrives
WinExec
GlobalLock
GlobalAlloc
lstrlenA
LockResource
LoadResource
FindResourceA
DeleteFileA
GetCommandLineA
MapViewOfFile
OpenFileMappingA
CreateProcessA
GlobalFree
CloseHandle
UnmapViewOfFile
GetExitCodeProcess
MoveFileA
GetPrivateProfileStringA
CreateThread
WaitForSingleObject
ReleaseMutex
GetTickCount
Sleep
CreateMutexA
GlobalUnlock
GlobalHandle
GlobalMemoryStatus
CreateFileA
ReadFile
WriteFile
SetFilePointer
GetFileSize
CreateDirectoryA
GetDiskFreeSpaceA
_lclose
_lread
_llseek
OpenFile
GetVersion
GetDriveTypeA
CopyFileA
GetStartupInfoA
GetModuleHandleA

user32

ReleaseDC
PeekMessageA
TranslateMessage
GetDC
LoadIconA
DestroyWindow
KillTimer
MessageBoxA
GetMessageA
CreateWindowExA
GetSystemMetrics
RegisterClassA
SendMessageA
PostQuitMessage
DefWindowProcA
ShowWindow
InvalidateRect
GetCursorPos
DispatchMessageA
UpdateWindow
SetFocus
FindWindowA
WaitForInputIdle
PostMessageA
SetForegroundWindow
ReplyMessage
DrawMenuBar
EnableMenuItem
GetMenuItemCount
GetMenu
ShowCursor
DestroyIcon
GetClientRect
EnableWindow
SetMenu
DestroyCursor
LoadCursorA
SetCursor
EndPaint
BeginPaint
SetTimer

gdi32

CreateSolidBrush
GetSystemPaletteEntries
GetNearestPaletteIndex
GetDeviceCaps
CreatePalette
StretchDIBits
GetTextExtentPointA
TextOutA
SetTextColor
SetBkMode
SelectObject
SelectPalette
RealizePalette
CreateFontA
DeleteObject

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

wsock32

htons
socket
htonl
gethostname
gethostbyname
bind
ioctlsocket
WSAStartup
WSACleanup
sendto
closesocket
getsockname
inet_addr

dsound

ord1

ddraw

DirectDrawCreate

Sections

.text
Size: 947KB - Virtual size: 947KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 691KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 954KB - Virtual size: 953KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1037aa78a2b93fb5494305f956d8f13b

Headers

File Characteristics

Imports

smackw32

dplayx

winmm

mfc40

msvcrt40

kernel32

user32

gdi32

advapi32

wsock32

dsound

ddraw

Sections

.text Size: 947KB - Virtual size: 947KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 31KB - Virtual size: 691KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 954KB - Virtual size: 953KB

.reloc Size: 85KB - Virtual size: 85KB

.text
Size: 947KB - Virtual size: 947KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 31KB - Virtual size: 691KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 954KB - Virtual size: 953KB

.reloc
Size: 85KB - Virtual size: 85KB