d19409efd8ff5503aff09fc81b2313a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d19409efd8ff5503aff09fc81b2313a0_JaffaCakes118
Size

2.7MB
MD5

d19409efd8ff5503aff09fc81b2313a0
SHA1

7dc5115ad2df50366db672638b0207858e1e029e
SHA256

bc4c1e6a83bca71d0bea1bf6cf3f2c655f0b66713a27e51bc12d56c0771bf597
SHA512

7dd11c3c7377791b45541024bb32fa516a6902c87f7238677914435fae89ca2fb26ffa85bec45385b8fd07ae7fe198c0134acb70018de1d6febdc5754f96371f
SSDEEP

49152:3Uw19hTTYUJpQo07q0eNZRkWUCkeYPkfNbPa5Ys:3rnvJbFB1bPjs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d19409efd8ff5503aff09fc81b2313a0_JaffaCakes118

Files

d19409efd8ff5503aff09fc81b2313a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ba87eb69cacf5319169919592960dc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

mciSendStringA
timeBeginPeriod
timeEndPeriod
timeGetTime

mss32

_AIL_pause_stream@8
_AIL_stream_status@4
_AIL_serve@0
_AIL_set_stream_volume@8
_AIL_allocate_sample_handle@4
_AIL_waveOutClose@4
_AIL_get_preference@4
_AIL_stream_volume@4
_AIL_stream_position@4
_AIL_set_stream_loop_count@8
_AIL_open_stream@12
_AIL_start_stream@4
_AIL_set_stream_position@8
_AIL_init_sample@4
_AIL_set_sample_file@12
_AIL_set_sample_loop_count@8
_AIL_service_stream@8
_AIL_sample_volume@4
_AIL_start_sample@4
_AIL_set_sample_volume@8
_AIL_stop_sample@4
_AIL_sample_status@4
_AIL_resume_sample@4
_AIL_close_stream@4
_AIL_end_sample@4
_AIL_shutdown@0
_AIL_startup@0
_AIL_set_preference@8
_AIL_HWND@0
_AIL_waveOutOpen@16
_AIL_digital_configuration@16

smackw32

_SmackDoFrame@4
_SmackGoto@8
_SmackToBufferRect@8
_SmackClose@4
_SmackNextFrame@4
_SmackWait@4
_SmackSoundUseMSS@4
_SmackToBuffer@28
_SmackUseMMX@4
_SmackVolumePan@16
_SmackOpen@12

ddraw

DirectDrawCreate

wsock32

closesocket
inet_addr
gethostbyname
gethostname
inet_ntoa
bind
htonl
htons
WSAStartup
socket

kernel32

GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetEndOfFile
SetStdHandle
HeapCreate
HeapDestroy
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
GetStdHandle
EnumSystemLocalesA
GetUserDefaultLCID
SetHandleCount
FlushFileBuffers
HeapSize
SetUnhandledExceptionFilter
TlsGetValue
SetLastError
TlsAlloc
CompareStringW
CompareStringA
Sleep
SetFilePointer
GetCurrentDirectoryA
GlobalLock
GlobalAlloc
DeleteCriticalSection
CloseHandle
GetLastError
CreateEventA
GetDriveTypeA
GetLogicalDrives
GetDiskFreeSpaceA
GetStringTypeA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
DeleteFileA
GetVersionExA
ReadFile
WaitForSingleObject
SetEvent
GetModuleFileNameA
GetFileTime
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
WriteFile
FindClose
FindFirstFileA
FindNextFileA
HeapReAlloc
GetCurrentProcess
TerminateProcess
ExitProcess
GetFullPathNameA
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
SetCurrentDirectoryA
InterlockedDecrement
InterlockedExchange
RaiseException
OpenFile
_llseek
_lread
_lclose
IsBadReadPtr
GlobalHandle
GlobalUnlock
GlobalFree
GetVersion
LoadLibraryA
GetProcAddress
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFileType
CreateThread
TlsSetValue
ExitThread
ResumeThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
IsBadCodePtr
GetACP
GetOEMCP
GetLocaleInfoW
HeapAlloc
SetEnvironmentVariableA
InitializeCriticalSection

user32

EndPaint
BeginPaint
MoveWindow
GetDC
ReleaseDC
AdjustWindowRectEx
GetClientRect
SetWindowLongA
GetForegroundWindow
MessageBeep
GetWindowThreadProcessId
GetCursorPos
ScreenToClient
UnionRect
ClientToScreen
OffsetRect
IsRectEmpty
ShowCursor
wsprintfA
IntersectRect
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
DrawMenuBar
EndDialog
DialogBoxParamA
GetDesktopWindow
WinHelpA
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
GetWindowLongA
GetWindowRect
DestroyWindow
PostQuitMessage
DefWindowProcA
LoadIconA
RegisterClassA
AdjustWindowRect
CreateWindowExA
LoadCursorA
SetCursor
SetMenu
DestroyMenu
SetCapture
ReleaseCapture
GetKeyState
MessageBoxA
CheckMenuItem
IsIconic
ShowWindow
SetForegroundWindow
LoadMenuA
PostMessageA

gdi32

CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps
GdiSetBatchLimit

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance

binkw32

_BinkOpenMiles@4
_BinkSetSoundSystem@8
_BinkGetRects@8
_BinkOpen@8
_BinkClose@4
_BinkPause@8
_BinkDDSurfaceType@4
_BinkCopyToBuffer@28
_BinkDoFrame@4
_BinkGoto@12
_BinkNextFrame@4
_BinkGetSummary@8
_BinkWait@4

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 216KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ba87eb69cacf5319169919592960dc0

Headers

File Characteristics

Imports

version

winmm

mss32

smackw32

ddraw

wsock32

kernel32

user32

gdi32

advapi32

shell32

ole32

binkw32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 140KB - Virtual size: 138KB

.data Size: 216KB - Virtual size: 323KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 140KB - Virtual size: 138KB

.data
Size: 216KB - Virtual size: 323KB

.rsrc
Size: 104KB - Virtual size: 104KB