dae6ff65202544a46ef4ef252c49d8bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dae6ff65202544a46ef4ef252c49d8bb_JaffaCakes118
Size

731KB
MD5

dae6ff65202544a46ef4ef252c49d8bb
SHA1

60842f36b8ddbf39b699b83a081fc8795f21d514
SHA256

fd553214994a61ccbcf57e23209346a65bf3f889468d4e899fc4bd2ef1279885
SHA512

fd4803adc381e8d8288dc152f4f60e10cff82be64f22831b420fb1dc36621ee9811029fbb83d87a84b5bffe81814cd572c478aaf73b083916bc6f2eb0288a54e
SSDEEP

12288:+Vl21EngiYzUEhFU+bFUcSebPMejdSdw4UAlcutbvyZ9QZVRW:+Vl21EngiY4EhFUBr7iSdEg6HQZVR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dae6ff65202544a46ef4ef252c49d8bb_JaffaCakes118

Files

dae6ff65202544a46ef4ef252c49d8bb_JaffaCakes118
.exe windows:6 windows x86 arch:x86

ab0b0e5081a5284557c0b45723c66bfd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Hearts.pdb

Imports

kernel32

LoadLibraryExA
InterlockedCompareExchange
CreateThread
GetTickCount64
FindResourceExW
GetThreadLocale
FreeLibrary
GetLastError
GetProcAddress
DelayLoadFailureHook
GetDateFormatW
CreateFileW
CloseHandle
HeapSetInformation
GetTickCount
GetModuleHandleW
LocalFree
IsProcessorFeaturePresent
GetSystemInfo
UnmapViewOfFile
CreateFileA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OutputDebugStringA
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
FormatMessageW
FreeResource
GlobalAlloc
InterlockedExchange
Sleep
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
ExitProcess
SleepEx
OutputDebugStringW
SetCurrentDirectoryW
GetModuleFileNameW
RegisterApplicationRestart
GetCommandLineW
CreateMutexW
RaiseException
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
MulDiv
SetLastError
GlobalDeleteAtom
GlobalAddAtomW
GetVersionExW
LoadLibraryW
QueryPerformanceFrequency
MultiByteToWideChar
DeleteFileW
GetCurrentDirectoryW
GetFileSize
ReadFile
WriteFile
SetFilePointer
MoveFileExW
GetFileAttributesW
CreateDirectoryW
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
WideCharToMultiByte
CreateEventW
LoadLibraryExW
LockResource
LoadResource
SizeofResource
FindResourceW
WriteConsoleW
GetFileType
GetStdHandle
DebugBreak
ExpandEnvironmentStringsW
GlobalFree

gdi32

SetMapMode
ExtTextOutA
MoveToEx
CreateFontIndirectA
GetFontLanguageInfo
RemoveFontResourceW
CreateFontIndirectW
GetObjectW
GetTextExtentPoint32W
SelectObject
DeleteObject
GetTextMetricsW
GetCharacterPlacementW
GetCharacterPlacementA
CreateDIBSection
GetGlyphOutlineA
SetTextAlign
SaveDC
CreateRoundRectRgn
GetObjectA
CreatePen
Rectangle
GetBkColor
GetTextColor
DeleteDC
GetTextMetricsA
RestoreDC
CreateFontW
CreateSolidBrush
PatBlt
ExtTextOutW
CreateCompatibleDC
CreateBitmap
BitBlt
ExcludeClipRect
GetDeviceCaps
SetTextColor
SetBkColor
SetBkMode
GetStockObject
AddFontResourceW

user32

DestroyWindow
CreateDialogParamW
EnableWindow
GetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
LoadStringW
SetDlgItemTextW
SetWindowTextW
ShowWindow
GetDC
GetClientRect
GetWindowLongW
ShowCursor
KillTimer
IsIconic
GetSystemMetrics
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
PeekMessageW
SetTimer
UnhookWindowsHookEx
LoadAcceleratorsW
RegisterRawInputDevices
SetForegroundWindow
BringWindowToTop
FindWindowW
SetWindowLongW
GetClassInfoExW
LoadCursorW
SetMenuInfo
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
GetCursorPos
TrackPopupMenu
FillRect
GetSysColor
EqualRect
UnionRect
GetMonitorInfoW
MonitorFromRect
MonitorFromWindow
SendInput
SetWindowPlacement
IsWindowVisible
GetWindowPlacement
SetClassLongW
SetCursor
CallNextHookEx
OffsetRect
GetMenu
PostMessageW
ReleaseDC
DrawMenuBar
RedrawWindow
DefWindowProcW
SetCapture
TrackMouseEvent
IsRectEmpty
IntersectRect
GetRawInputData
GetKeyState
GetForegroundWindow
DrawFrameControl
PtInRect
ScreenToClient
ReleaseCapture
EndPaint
GetSysColorBrush
BeginPaint
RegisterClassExW
GetSubMenu
SetPropW
SetWindowsHookExW
RegisterClassW
RegisterWindowMessageW
SetRect
NotifyWinEvent
GetDoubleClickTime
DrawTextW
CallWindowProcW
GetParent
AdjustWindowRect
GetIconInfo
MessageBoxW
GetWindow
GetClassNameW
GetNextDlgGroupItem
SetFocus
GetDlgCtrlID
EndDialog
GetWindowTextW
DrawEdge
IsWindowEnabled
EnumChildWindows
SetWindowRgn
IsDialogMessageW
GetNextDlgTabItem
CreateDialogIndirectParamW
DialogBoxParamW
GetProcessDefaultLayout
LoadMenuW
LoadIconW
AdjustWindowRectEx
MapDialogRect
EnumDisplayMonitors
GetFocus
SendMessageW
GetDlgItem
GetWindowRect
MapWindowPoints
SetWindowPos
SetMenu
InvalidateRect
DestroyMenu
SystemParametersInfoW
PostQuitMessage
CreateWindowExW
UnregisterClassA
IsZoomed

msvcrt

_vscwprintf
qsort
memcpy
_CIlog
floor
wcsncmp
wcstol
memmove
strncmp
_errno
_CIpow
_snwprintf_s
wcstoul
_ftol2
wcscat_s
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
memmove_s
_wcsnicmp
wcscspn
_localtime64_s
_vsnwprintf_s
_wcsicmp
wcsspn
wcstod
_wcstoui64
_controlfp
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
malloc
_callnewh
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
_time64
wcscpy_s
wcschr
time
srand
swprintf_s
rand
_CIsqrt
_CIsin
_CIcos
_CIatan
_wtoi
wcsncpy_s
_purecall
_ftol2_sse
memset
realloc
free
__CxxFrameHandler3
_CIacos
_CIatan2
_finite
_strdup
setlocale
iswpunct
iswdigit
iswalpha
iswspace

ntdll

WinSqmIncrementDWORD
WinSqmAddToStream

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance

shell32

CommandLineToArgvW
SHGetFolderPathW
SHSetLocalizedName
ShellAboutW
SHGetFolderPathEx
ShellExecuteW

advapi32

GetUserNameW

oleaut32

SysAllocString
SysStringLen
VariantInit
VariantClear
SysFreeString

shlwapi

PathCombineW
PathFileExistsW

comctl32

ImageList_Add
ImageList_Destroy
InitCommonControlsEx
ImageList_Create

gdiplus

GdipDrawString
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCreateRegionHrgn
GdipSetClipRegion
GdipSetClipRectI
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipMeasureString
GdipFillRegion
GdipFillRectangleI
GdipDrawRectangleI
GdipDrawRectangle
GdipDrawLineI
GdipReleaseDC
GdipGetDC
GdipCreateFromHDC
GdipSetStringFormatHotkeyPrefix
GdipSetPenDashStyle
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipDeleteBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFont
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCreateSolidFill
GdipSetStringFormatFlags
GdipCreateLineBrushFromRectI
GdipSetStringFormatLineAlign
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipSetStringFormatAlign
GdipDrawImageRectI
GdipCloneBrush
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreatePen1
GdipDeletePen
GdipDeleteRegion
GdipImageRotateFlip
GdipSetImageAttributesWrapMode

secur32

GetUserNameExW

d3d9

Direct3DCreate9

dsound

ord11

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

oleacc

LresultFromObject
CreateStdAccessibleProxyW
AccessibleChildren
AccessibleObjectFromWindow

xinput9_1_0

XInputGetState

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

slc

SLGetWindowsInformationDWORD

usp10

ScriptItemize
ScriptBreak

Sections

.text
Size: 551KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 34KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vxlmvze
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab0b0e5081a5284557c0b45723c66bfd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

msvcrt

ntdll

ole32

shell32

advapi32

oleaut32

shlwapi

comctl32

gdiplus

secur32

d3d9

dsound

winmm

oleacc

xinput9_1_0

wtsapi32

slc

usp10

Sections

.text Size: 551KB - Virtual size: 550KB

.data Size: 34KB - Virtual size: 54KB

.rsrc Size: 83KB - Virtual size: 82KB

.reloc Size: 61KB - Virtual size: 62KB

vxlmvze Size: - Virtual size: 4KB

.text
Size: 551KB - Virtual size: 550KB

.data
Size: 34KB - Virtual size: 54KB

.rsrc
Size: 83KB - Virtual size: 82KB

.reloc
Size: 61KB - Virtual size: 62KB

vxlmvze
Size: - Virtual size: 4KB