b6992046308026e8ecfd916635f01945_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b6992046308026e8ecfd916635f01945_JaffaCakes118
Size

86KB
MD5

b6992046308026e8ecfd916635f01945
SHA1

1a36db1defc0304d3f54e205bbddc5e08b6324b5
SHA256

fa0484efa5836a1bc35fcc7a1f7785f01a413a11472fcfe2d402517d5633d298
SHA512

16f9145110803c106246d9a30d8a2ba4fc423a6ad9998e4279fede845801a03bf0733926136beea46963334432d4c20054a348b3ca5b7c6b682308f1c5e9c7d9
SSDEEP

1536:DtQZ47o9eahVeYav9RA9AMcRJ81FGCHOaOrAUySTQJ:Di6WTGRQcRJ81cCHOaOrAUySTQJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6992046308026e8ecfd916635f01945_JaffaCakes118

Files

b6992046308026e8ecfd916635f01945_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fe988fd37728693c71094a83a804b6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSAGetLastError

winmm

timeBeginPeriod
timeEndPeriod

d3d8thk

OsThunkDdAttachSurface
OsThunkDdQueryDirectDrawObject
OsThunkDdDeleteDirectDrawObject
OsThunkDdUnlock
OsThunkDdBlt
OsThunkDdGetAvailDriverMemory
OsThunkDdDestroyD3DBuffer
OsThunkD3dContextCreate
OsThunkDdGetFlipStatus
OsThunkD3dDrawPrimitives2
OsThunkDdCanCreateSurface
OsThunkDdGetDriverInfo
OsThunkDdRenderMoComp
OsThunkDdCreateSurface
OsThunkDdFlipToGDISurface
OsThunkD3dContextDestroy
OsThunkDdFlip
OsThunkDdCanCreateD3DBuffer
OsThunkDdGetDC
OsThunkDdBeginMoCompFrame
OsThunkDdLockD3D
OsThunkDdUnlockD3D
OsThunkDdEndMoCompFrame
OsThunkDdWaitForVerticalBlank
OsThunkDdSetExclusiveMode
OsThunkDdLock
OsThunkDdCreateMoComp
OsThunkDdCreateD3DBuffer
OsThunkD3dContextDestroyAll
OsThunkDdGetMoCompFormats
OsThunkDdCreateSurfaceEx
OsThunkDdCreateSurfaceObject
OsThunkDdGetMoCompBuffInfo
OsThunkDdGetDriverState
OsThunkDdReenableDirectDrawObject
OsThunkDdSetGammaRamp
OsThunkDdGetMoCompGuids
OsThunkDdGetInternalMoCompInfo
OsThunkDdGetScanLine
OsThunkDdDestroySurface
OsThunkDdQueryMoCompStatus
OsThunkDdResetVisrgn
OsThunkDdDeleteSurfaceObject
OsThunkD3dValidateTextureStageState
OsThunkDdGetBltStatus
OsThunkDdDestroyMoComp
OsThunkDdReleaseDC

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

msvcrt

strstr
strchr
realloc
_initterm
sprintf
malloc
sscanf
fwrite
_CxxThrowException
_adjust_fdiv
_strlwr
_vsnprintf
atoi
__dllonexit
ceil
fclose
_stricmp
calloc
floor
_except_handler3
_CIpow
_purecall
fflush
__CxxFrameHandler
memmove
_onexit
qsort
wcsrchr
isalnum
free
fopen
_snprintf

kernel32

VirtualFree
DeleteCriticalSection
VirtualAlloc
PeekNamedPipe
InitializeCriticalSection
InterlockedCompareExchange
GetCurrentThread
EnterCriticalSection
VerSetConditionMask
FreeLibrary
GetFileSize
CreateThread
TransactNamedPipe
FlushFileBuffers
SetUnhandledExceptionFilter
CreateSemaphoreA
WaitNamedPipeA
DisconnectNamedPipe
OutputDebugStringA
GetProcAddress
ResumeThread
InterlockedExchange
TlsGetValue
VerifyVersionInfoA
DebugBreak
GetSystemTimeAsFileTime
LeaveCriticalSection
CreateEventA
SetErrorMode
DisableThreadLibraryCalls
GetPrivateProfileStringA
GetTempPathA
GetEnvironmentVariableA
OpenMutexA
UnhandledExceptionFilter
WriteFile
GetSystemDirectoryA
CreateFileA
ReleaseSemaphore
GetSystemInfo
TlsSetValue
GetVersionExA
QueryPerformanceCounter
TlsAlloc
GetLastError
IsProcessorFeaturePresent
CreateMutexA
WideCharToMultiByte
WaitForMultipleObjects
SetNamedPipeHandleState
QueryPerformanceFrequency
CreateNamedPipeA
InterlockedIncrement
GetProcessAffinityMask
SetEvent
MoveFileA
LocalFree
GetModuleHandleA
ReleaseMutex
SetThreadAffinityMask
lstrcpynA
CloseHandle
MultiByteToWideChar
SetThreadPriority
WaitForSingleObject
InterlockedDecrement
lstrcmpA
GetTickCount
ConnectNamedPipe
GetCurrentThreadId
ExitThread
SetFilePointer
GetNativeSystemInfo
GetCurrentProcess
LocalAlloc
GetCurrentProcessId
LoadLibraryA
Sleep
TerminateProcess
GetModuleFileNameA
DeleteFileA
ReadFile
VirtualProtect

crypt32

RegSetValueExU
CertCloseStore

gdi32

GdiEntry13
GdiEntry1
GetDIBits
GetRandomRgn
CreateDIBitmap
BitBlt
StretchBlt
SelectObject
GetSystemPaletteEntries
GetDeviceCaps
CreateCompatibleBitmap
CreateDIBSection
GetNearestColor
CreateCompatibleDC
DeleteDC
CreateRectRgn
DeleteObject
GetRegionData
GetDeviceGammaRamp
CreateDCA
SetStretchBltMode

user32

SetCursorPos
EnumDisplaySettingsA
GetForegroundWindow
GetDesktopWindow
SetTimer
IsZoomed
OpenInputDesktop
SetWindowLongA
PostMessageA
SetRect
GetWindowDC
SendMessageA
GetCursor
IntersectRect
SetForegroundWindow
SetCursor
CreateIconIndirect
SetWindowPos
GetClientRect
GetDC
DefWindowProcA
GetUserObjectInformationA
PtInRect
ReleaseDC
IsIconic
ClientToScreen
ChangeDisplaySettingsA
GetWindowLongA
mouse_event
LoadStringA
GetSystemMetrics
CallWindowProcA
GetThreadDesktop
GetWindowThreadProcessId
ShowWindow
IsWindowVisible
OffsetRect
IsWindow
GetCursorPos
wsprintfA
GetKeyState
KillTimer
CloseDesktop
GetMonitorInfoA
SystemParametersInfoA
DestroyIcon

Sections

.textbss
Size: 38KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fe988fd37728693c71094a83a804b6b

Headers

File Characteristics

Imports

ws2_32

winmm

d3d8thk

version

msvcrt

kernel32

crypt32

gdi32

user32

Sections

.textbss Size: 38KB - Virtual size: 368KB

.text Size: 512B - Virtual size: 436B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 392B

.rsrc Size: 39KB - Virtual size: 38KB

.textbss
Size: 38KB - Virtual size: 368KB

.text
Size: 512B - Virtual size: 436B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 392B

.rsrc
Size: 39KB - Virtual size: 38KB