ba30cea69fc2acd196f315c00205d1b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba30cea69fc2acd196f315c00205d1b5_JaffaCakes118
Size

548KB
MD5

ba30cea69fc2acd196f315c00205d1b5
SHA1

9aacf78cc304c45a84d6223cad9883db69317783
SHA256

957059c4757d3904c3da6a31c05c84637315578aeac87ac7324f91dea29261c1
SHA512

b3ff1105b5e9b4fccfe315552c38de7cdce90ebc122201daf644f7f2a1291d62f7f4d1b0bf9eb8268d079c8989bce78ad23a8e0853ecb969122c2f8dbd2a54cc
SSDEEP

12288:Ii2smMlcTdHtPF8YXQjg+IEdfvbC/izcUkWzljM6ekBDl7HZ37aiU1jO7L:Ii2smMlqdHtPF8YX4IlKlekBDl7HZLD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba30cea69fc2acd196f315c00205d1b5_JaffaCakes118

Files

ba30cea69fc2acd196f315c00205d1b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f25eab4f2bb35b2c4160deee87ecd33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
IsBadReadPtr
WaitForSingleObject
RaiseException
CreateProcessA
GetExitCodeProcess
CloseHandle
LoadLibraryA
FreeLibrary
GetCommandLineA
GetModuleHandleA
GetLastError
IsProcessorFeaturePresent
SetEndOfFile
CompareStringW
CompareStringA
CreateFileA
LCMapStringW
LCMapStringA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
InterlockedExchange
RtlUnwind
IsBadWritePtr
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetFullPathNameA
ReadFile
SetFilePointer
GetTimeZoneInformation
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
HeapSize
HeapReAlloc
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
DeleteCriticalSection
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapAlloc
HeapFree
SetEnvironmentVariableW
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
MoveFileA
DeleteFileA
FindNextFileA
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetSystemTimeAsFileTime
MultiByteToWideChar
GetVersionExA
GetStartupInfoA
LeaveCriticalSection
EnterCriticalSection
IsBadCodePtr
GetCurrentProcess
TerminateProcess
ExitProcess
GetWindowsDirectoryA
SetEnvironmentVariableA
GetProcAddress
GlobalLock
GlobalUnlock

user32

CloseClipboard
GetClipboardData
OpenClipboard
MessageBoxA
GetDC
ShowCursor
GetDesktopWindow
GetWindowInfo
SetWindowPos
SetWindowRgn
GetActiveWindow

gdi32

DeleteObject
EnumFontFamiliesExA
CreateRectRgn

advapi32

RegOpenKeyA
GetUserNameA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

sdl

SDL_JoystickNumButtons
SDL_WarpMouse
SDL_Quit
SDL_WM_SetIcon
SDL_WM_SetCaption
SDL_EnableUNICODE
SDL_GetWMInfo
SDL_Init
SDL_PollEvent
SDL_SetModuleHandle
SDL_GetError
SDL_ShowCursor
SDL_WaitThread
SDL_CreateThread
SDL_KillThread
SDL_WasInit
SDL_QuitSubSystem
SDL_RWFromMem
SDL_SetVideoMode
SDL_UpperBlit
SDL_SetAlpha
SDL_Flip
SDL_GetTicks
SDL_Delay
SDL_mutexV
SDL_mutexP
SDL_CreateMutex
SDL_DestroyMutex
SDL_PumpEvents
SDL_FreeSurface
SDL_CreateRGBSurface
SDL_LockSurface
SDL_UnlockSurface
SDL_DisplayFormatAlpha
SDL_DisplayFormat
SDL_FreeRW
SDL_SetColorKey
SDL_SaveBMP_RW
SDL_RWFromFile
SDL_JoystickNumHats
SDL_JoystickNumBalls
SDL_JoystickNumAxes
SDL_JoystickIndex
SDL_JoystickName
SDL_JoystickOpen
SDL_NumJoysticks
SDL_JoystickEventState
SDL_InitSubSystem
SDL_JoystickClose
SDL_WM_IconifyWindow

sdl_image

IMG_LoadTyped_RW

sdl_mixer

Mix_ResumeMusic
Mix_PlayingMusic
Mix_FadeInMusicPos
Mix_LoadMUS
Mix_FreeMusic
Mix_HaltMusic
Mix_FadeOutMusic
Mix_VolumeMusic
Mix_Volume
Mix_AllocateChannels
Mix_FadeInChannelTimed
Mix_PlayChannelTimed
Mix_HaltChannel
Mix_Pause
Mix_Resume
Mix_VolumeChunk
Mix_QuerySpec
Mix_ChannelFinished
Mix_OpenAudio
Mix_FreeChunk
Mix_CloseAudio
Mix_LoadWAV_RW
Mix_PauseMusic

sdl_net

SDLNet_TCP_Recv
SDLNet_TCP_Close
SDLNet_DelSocket
SDLNet_TCP_Send
SDLNet_AddSocket
SDLNet_ResolveIP
SDLNet_TCP_GetPeerAddress
SDLNet_TCP_Accept
SDLNet_AllocSocketSet
SDLNet_Init
SDLNet_Quit
SDLNet_FreeSocketSet
SDLNet_ResolveHost
SDLNet_CheckSockets
SDLNet_TCP_Open

sdl_ttf

TTF_SetFontStyle
TTF_RenderUNICODE_Shaded
TTF_RenderUNICODE_Blended
TTF_SizeUNICODE
TTF_SizeText
TTF_Init
TTF_CloseFont
TTF_Quit
TTF_OpenFontRW

Sections

.text
Size: 436KB - Virtual size: 434KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.garr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f25eab4f2bb35b2c4160deee87ecd33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

sdl

sdl_image

sdl_mixer

sdl_net

sdl_ttf

Sections

.text Size: 436KB - Virtual size: 434KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 24KB - Virtual size: 35KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 7KB

.garr Size: 4KB - Virtual size: 4KB

.text
Size: 436KB - Virtual size: 434KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 24KB - Virtual size: 35KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 7KB

.garr
Size: 4KB - Virtual size: 4KB