c7f0122c37d4dc80b195895bb4e9bb47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7f0122c37d4dc80b195895bb4e9bb47_JaffaCakes118
Size

5.3MB
MD5

c7f0122c37d4dc80b195895bb4e9bb47
SHA1

5a0114ddf94b86d3be939504f50ce115a479f637
SHA256

276578f78f5348c2a8bb6edcef4c3ddc881d08097a71bcd9ded12468ffbdc24f
SHA512

cb08107ce5258557f794b1f8fa405a9c9fcb3c93e7515566b7eabe8840df5415e7953319f76e65ebf6a8bf25045048a96d73e0f7fbe36520c501fd0ed15b1b09
SSDEEP

49152:Er2qb0khsaqtwDyMQRd/Yvw5+Zn/tJh7bgVtS:E6AygDbh/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7f0122c37d4dc80b195895bb4e9bb47_JaffaCakes118

Files

c7f0122c37d4dc80b195895bb4e9bb47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93f9b10bf3360234c8e15c20bb6fdc3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Luna\luna_kra\Obj\LUNAClient\Debug\LUNAClient.pdb

Imports

soundlib

CreateSoundLib

ss3dgfunc

_CrossProduct@12
_CalcDistance@8
_MatrixMultiply2@12
_TransformV3TOV4@16
_SetInverseMatrix@8
_Normalize@8
_COLORtoDWORD@16
_WriteTGA@24
_TransformVector3_VPTR2@16
_VBHRelease@4
_VBHDeleteAll@4
_VBHCreate@0
_VBHInitialize@16
_VBHInsert@16
_VBHSelect@20
_RotatePositionWithPivot@24
_SetRotationXMatrix@8
_SetRotationYMatrix@8
_VECTOR3Length@4

dinput8

DirectInput8Create

winmm

timeGetTime

kernel32

GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCurrentThread
HeapDestroy
CompareStringW
CompareStringA
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
CloseHandle
GetLastError
CreateFileMappingA
FileTimeToSystemTime
GetCurrentDirectoryA
GetWindowsDirectoryA
FormatMessageA
GetModuleHandleA
lstrcpyA
IsBadReadPtr
SetUnhandledExceptionFilter
lstrcpynA
GetModuleFileNameA
GetTickCount
Sleep
OutputDebugStringA
lstrlenA
IsDBCSLeadByte
MulDiv
WideCharToMultiByte
MultiByteToWideChar
GetLocalTime
ReadFile
CreateFileA
DeleteCriticalSection
CreateDirectoryA
GetSystemTime
HeapCreate
FreeLibrary
GetProcAddress
LoadLibraryA
OpenFile
lstrcmpA
SetCurrentDirectoryA
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
InterlockedExchange
InitializeCriticalSection
HeapReAlloc
SetConsoleCtrlHandler
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
SetFilePointer
LCMapStringW
LCMapStringA
GetProcessHeap
HeapAlloc
GetCPInfo
FreeEnvironmentStringsA
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
WriteFile
SetLastError
UnhandledExceptionFilter
GetCurrentProcess
GetOEMCP
GetACP
FatalAppExitA
InterlockedIncrement
InterlockedDecrement
HeapFree
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
EnterCriticalSection
GetFileSize
SetEnvironmentVariableA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
DebugBreak
GetFileAttributesA
IsBadWritePtr
HeapValidate
TerminateProcess
LeaveCriticalSection

user32

SetRect
wsprintfA
ShowCursor
UpdateWindow
ShowWindow
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
CharPrevA
CharNextA
GetDC
ReleaseDC
OffsetRect
SetCursor
LoadCursorFromFileA
CopyRect
SendMessageA
PostMessageA
MessageBoxA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
RegisterClassExA
EndDialog
DefWindowProcA
GetSystemMetrics
CreateWindowExA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard

gdi32

CreateFontIndirectA
SelectObject
GetTextExtentPoint32A
DeleteObject
GetStockObject
GetDeviceCaps

shell32

ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitialize

freeimage

_FreeImage_Load@12
_FreeImage_SaveJPEG@12
_FreeImage_Unload@4
_FreeImage_GetInfo@4
_FreeImage_GetBits@4
_FreeImage_ConvertTo16Bits565@4

Sections

.textbss
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93f9b10bf3360234c8e15c20bb6fdc3a

Headers

File Characteristics

PDB Paths

Imports

soundlib

ss3dgfunc

dinput8

winmm

kernel32

user32

gdi32

shell32

ole32

freeimage

Sections

.textbss Size: - Virtual size: 1.6MB

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 1.6MB - Virtual size: 1.9MB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 5KB

.textbss
Size: - Virtual size: 1.6MB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 1.6MB - Virtual size: 1.9MB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 5KB