be27a576c5cd1a5beba979c23f5fa8b1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

be27a576c5cd1a5beba979c23f5fa8b1_JaffaCakes118
Size

1.5MB
MD5

be27a576c5cd1a5beba979c23f5fa8b1
SHA1

8319929af96b1db643eadffba3c249a9ab16e4d5
SHA256

4267b3e7615cfa3c5b637176e63c6982331d70fcfc374b181fba3bd079571a1e
SHA512

939dc3b1fc3675fab82bbcdfdacb327b1e0609cfcef43cbc9ab429a489be409f62de93fe31c810ac347573a025c9e3f03b6ef804c7ae35553bd89eb970830278
SSDEEP

24576:CgRpdE0CiQLy/iSBMQZp2EKBrGoP13Gr8V7Bn2Yrby:CYnEZ5Qtj2bKBM2Yrby

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be27a576c5cd1a5beba979c23f5fa8b1_JaffaCakes118

Files

be27a576c5cd1a5beba979c23f5fa8b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff8d6b7300751d48bcdf2f5d7d476c7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

calloc
fputc
_splitpath
__CxxFrameHandler
??3@YAXPAX@Z
_CxxThrowException
_EH_prolog
_XcptFilter
exit
_exit
__getmainargs
_initterm
_acmdln
_adjust_fdiv
__p__commode
__setusermatherr
__set_app_type
_except_handler3
__p__fmode
_controlfp
??1type_info@@UAE@XZ
_access
memmove
floor
sprintf
time
??2@YAPAXI@Z
realloc
_ftol
qsort
srand
rand
_stricmp
fread
_fdopen
fprintf
ftell
malloc
_CIasin
strrchr
_strlwr
fwrite
strncpy
puts
free
strchr
fclose
fopen
strncmp

kernel32

CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetCurrentDirectoryA
GetLastError
FindNextFileA
FindClose
FindFirstFileA
DeleteFileA
GlobalAlloc
SetCurrentDirectoryA
lstrlenA
lstrcpyA
WriteFile
ExitProcess
GetFileAttributesA
CreateFileA
GetFileSize
ReadFile
CloseHandle
Sleep
GlobalHandle
GetStartupInfoA
GetModuleHandleA
GetVersionExA
GlobalFree
FlushFileBuffers
GlobalLock
GetWindowsDirectoryA
GlobalUnlock
GlobalReAlloc

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

dsound

ord1

dinput

DirectInputCreateEx

winmm

mmioAdvance
timeGetTime
mmioAscend
mmioGetInfo
mmioRead
mmioSetInfo
mmioSeek
mmioOpenA
mmioSetBuffer
mmioClose
mmioDescend

user32

UpdateWindow
UnregisterClassA
wvsprintfA
DrawTextA
GetAsyncKeyState
PostQuitMessage
DrawMenuBar
RedrawWindow
PeekMessageA
DefWindowProcA
FindWindowA
TranslateMessage
GetMessageA
ShowCursor
LoadIconA
DispatchMessageA
DestroyWindow
CreateWindowExA
LoadCursorA
SystemParametersInfoA
ReleaseDC
SetFocus
GetDC
SetWindowPos
GetWindowRect
GetSystemMetrics
ShowWindow
GetKeyNameTextA
GetClientRect
ClientToScreen
wsprintfA
MessageBoxA
RegisterClassA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

gdi32

GetDeviceCaps
SetTextColor
StretchBlt
SetBkMode
GetPaletteEntries
GetStockObject

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msacm32

acmFormatEnumA
acmDriverEnum
acmDriverClose
acmStreamPrepareHeader
acmStreamClose
acmMetrics
acmDriverOpen
acmStreamOpen
acmStreamConvert

binkw32

_BinkBufferOpen@16
_BinkNextFrame@4
_BinkBufferBlit@12
_BinkClose@4
_BinkDoFrame@4
_BinkDDSurfaceType@4
_BinkOpen@8
_BinkSetSoundTrack@4
_BinkSetSoundSystem@8
_BinkOpenDirectSound@4
_BinkWait@4
_BinkGetRects@8
_BinkBufferUnlock@4
_BinkCopyToBuffer@28
_BinkBufferLock@4
_BinkBufferSetOffset@12
_BinkBufferSetScale@12

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cms_t
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cms_d
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gay
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff8d6b7300751d48bcdf2f5d7d476c7f

Headers

File Characteristics

Imports

msvcrt

kernel32

ddraw

dsound

dinput

winmm

user32

advapi32

gdi32

ole32

msacm32

binkw32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 80KB - Virtual size: 3.1MB

.cms_t Size: 80KB - Virtual size: 80KB

.cms_d Size: 160KB - Virtual size: 156KB

.gay Size: 8KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 80KB - Virtual size: 3.1MB

.cms_t
Size: 80KB - Virtual size: 80KB

.cms_d
Size: 160KB - Virtual size: 156KB

.gay
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 5KB