d9d2ed7e5a47d8b5557fad5e2afaa662_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d9d2ed7e5a47d8b5557fad5e2afaa662_JaffaCakes118
Size

327KB
MD5

d9d2ed7e5a47d8b5557fad5e2afaa662
SHA1

b580d20b81ec9d8803428822d6e6171895098d46
SHA256

246f262f9635e667d2d745b1be9a148deba1ebf945bd9bb90ea850dcaee2e80d
SHA512

e3a6948bfab1407e4302a503439b4f16b013f0a812daa80e834fcf7e633abf208626282e7e167f3be1b643a839c3804d42bd442a577e5f21a8ccf0a61b15c9c3
SSDEEP

6144:wz/6hoJHRZ86PJbSflh+NunIrSLsvn/lfOF3Vg6ShaAM:weqZ86RbKmNSISLsXhOlSh+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/F2T v1.5.exe

Files

d9d2ed7e5a47d8b5557fad5e2afaa662_JaffaCakes118
.zip
Cheats.nfo
F2T v1.5.exe
.exe windows:4 windows x86 arch:x86

17f75ccd0260cdd05f88c366d770a563

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringW
GetACP
GetOEMCP
DuplicateHandle
lstrcmpA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
SetEvent
GetProcAddress
GetCPInfo
HeapSize
TerminateProcess
ExitProcess
ExitThread
CreateThread
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapReAlloc
HeapFree
HeapAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
SetLastError
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
CreateFileA
ReadFile
WaitForSingleObject
GetStringTypeA
GlobalDeleteAtom
lstrcmpiA
CloseHandle
GetStringTypeW
GetCurrentThread
GetSystemDirectoryA
CreateEventA
SuspendThread
ResumeThread
LocalFree
lstrcpynA
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
MulDiv
GetVersion
GetCurrentThreadId
LockResource
FindResourceA
LoadResource
GetVersionExA
SetUnhandledExceptionFilter
SetFileAttributesA
GlobalAlloc
WriteProcessMemory
OpenProcess
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
lstrcatA
ReadProcessMemory
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA

user32

IsDialogMessageA
MoveWindow
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
WindowFromPoint
ShowOwnedPopups
LoadStringA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
CharUpperA
GetClassNameA
GetDesktopWindow
GetSysColorBrush
DestroyMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsChild
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
CallNextHookEx
SetPropA
GetLastActivePopup
GetPropA
GetTopWindow
GetMessagePos
SetWindowLongA
GetNextDlgTabItem
EndDialog
GetActiveWindow
DestroyWindow
GetWindowLongA
IsWindowEnabled
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
CreateIconIndirect
MessageBoxA
GetWindow
IsWindowVisible
GetWindowTextA
FindWindowA
EnumWindows
GetClassInfoA
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowThreadProcessId
PostMessageA
SetWindowRgn
SetWindowPos
GetDlgItem
SetWindowTextA
IsIconic
DrawIcon
LoadIconA
SetScrollRange
EnableScrollBar
GetScrollPos
GetScrollRange
SetScrollPos
UpdateWindow
MessageBeep
LoadCursorA
CopyIcon
GetParent
ScreenToClient
GetDC
ReleaseDC
IsWindow
SetCursor
InvalidateRect
GetAsyncKeyState
GetFocus
ScrollDC
DrawTextA
GetClientRect
FillRect
InflateRect
CopyRect
DrawFocusRect
OffsetRect
SetRect
EnableWindow
SetCapture
ReleaseCapture
GetWindowRect
ClientToScreen
PtInRect
RedrawWindow
SetTimer
KillTimer
GetSysColor
GetSystemMetrics
SendMessageA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
SetScrollInfo
ShowScrollBar
SetActiveWindow
CreateDialogIndirectParamA
CallWindowProcA
GetMessageTime
SetForegroundWindow
GetForegroundWindow
RegisterWindowMessageA
RemovePropA
UnregisterClassA

gdi32

GetObjectA
DeleteObject
CombineRgn
ExtCreateRegion
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
CreateSolidBrush
CreatePen
GetBkColor
GetTextExtentPointA
CreateCompatibleBitmap
CreateFontA
CreateFontIndirectA
GetStockObject
FrameRgn
SetROP2
OffsetRgn
CreateRectRgn
CreateDIBitmap
CreatePalette
SetTextColor
RealizePalette
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
MoveToEx
LineTo
SetTextAlign
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA

shell32

DragFinish
ShellExecuteA
DragQueryFileA

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File_id.diz
Readme.txt

Sharing

General

Malware Config

Signatures

Files

17f75ccd0260cdd05f88c366d770a563

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 18KB - Virtual size: 119KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 18KB - Virtual size: 119KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 13KB - Virtual size: 13KB