d60dbbb73160a9934d313d2ce6030310_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d60dbbb73160a9934d313d2ce6030310_JaffaCakes118
Size

864KB
MD5

d60dbbb73160a9934d313d2ce6030310
SHA1

2d3677d6d133a7c0624082f510f81b05d384da22
SHA256

8e848773842946dc6f9e58ea38693f4efb4fb29dbc2cf0d89411b232b6256bac
SHA512

bf00445bf5ed9bac9f2e0061e3129bf01a6c183c3214b80f5f7cd7fe6877666ef85b226b9f566ceda241649b831ff55ea1f0c1229903a89ecb2b627dc8892611
SSDEEP

24576:99MvLuKwaOecvSTZAQZaMM/nIEc4iqbSbmPpTD:99Mjpwxec6TZAQZMPsCbSCD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d60dbbb73160a9934d313d2ce6030310_JaffaCakes118

Files

d60dbbb73160a9934d313d2ce6030310_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f6cdf1b086da71c2ab21d401215cf06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\!Support\piratville\!source\source_pirates_09_11_07\Release\piratville support.pdb

Imports

kernel32

GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
VirtualQuery
InterlockedExchange
LoadLibraryA
GetEnvironmentStringsW
MapViewOfFile
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetFileSize
IsValidCodePage
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceW
IsProcessorFeaturePresent
GetCurrentThread
SetLastError
TlsAlloc
SearchPathA
FindFirstFileA
FindNextFileA
GetModuleHandleA
FindResourceA
SizeofResource
LoadResource
LockResource
ExitProcess
CreateDirectoryA
GetCurrentDirectoryA
CreateMutexA
SetCurrentDirectoryA
GetLastError
Sleep
GlobalAlloc
CreateFileA
WriteFile
SetFilePointer
SetEndOfFile
SetStdHandle
GetStdHandle
SetEnvironmentVariableA
GetCPInfo
CloseHandle
GlobalFree
LocalAlloc
WideCharToMultiByte
SetHandleCount
HeapSize
HeapFree
HeapAlloc
GetFileType
RtlUnwind
ReadFile
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
MultiByteToWideChar
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetProcAddress
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetFileAttributesA

user32

LoadImageA
MessageBoxA
EndDialog
InvalidateRect
DrawTextA
GetDlgItemTextW
SetDlgItemTextW
SetWindowTextW
SetDlgItemTextA
DialogBoxParamA
GetWindowTextA
LoadBitmapA
CheckDlgButton
CreateDialogParamA
GetActiveWindow
SetForegroundWindow
SetFocus
PeekMessageA
TranslateMessage
DispatchMessageA
ShowCursor
GetDC
EndPaint
BeginPaint
GetDlgItem
SendMessageA
SetWindowTextA
EnableWindow
LoadIconA
RegisterClassExA
CreateWindowExA
DefWindowProcA
SetActiveWindow
DestroyWindow
UnregisterClassA
SetCursorPos
GetWindowRect
GetClientRect
GetCursorPos
LoadCursorA
SetClassLongA
GetDesktopWindow
ShowWindow
GetSystemMetrics
SetWindowPos
SetWindowLongA

gdi32

SetBkMode
Rectangle
SetTextColor
GetStockObject
StretchDIBits
CreateCompatibleBitmap
GetDIBits
BitBlt
SetStretchBltMode
SelectObject
StretchBlt
DeleteDC
CreateBitmap
GetObjectA
DeleteObject
CreateCompatibleDC

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegCreateKeyExA

shell32

SHGetFolderPathA
ShellExecuteA

bass

BASS_Pause
BASS_SetGlobalVolumes
BASS_ChannelIsActive
BASS_SampleStop
BASS_ChannelSetAttributes
BASS_Free
BASS_ChannelStop
BASS_StreamPlay
BASS_MusicSetAmplify
BASS_MusicLoad
BASS_StreamCreateFile
BASS_SampleLoad
BASS_Init
BASS_Start
BASS_Stop
BASS_MusicPlayEx
BASS_SamplePlayEx

winmm

timeGetTime

d3d8

Direct3DCreate8

dinput8

DirectInput8Create

comctl32

InitCommonControlsEx
ord16
ord17

msimg32

AlphaBlend

Sections

.text
Size: 704KB - Virtual size: 701KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f6cdf1b086da71c2ab21d401215cf06

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

bass

winmm

d3d8

dinput8

comctl32

msimg32

Sections

.text Size: 704KB - Virtual size: 701KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 24KB - Virtual size: 7.7MB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 704KB - Virtual size: 701KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 24KB - Virtual size: 7.7MB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 56KB - Virtual size: 55KB