dc6496bf980d33f2cf091c0678eca10e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc6496bf980d33f2cf091c0678eca10e_JaffaCakes118
Size

440KB
MD5

dc6496bf980d33f2cf091c0678eca10e
SHA1

620de0684ce0b3dbf8d53e80ae79b3111ac50a95
SHA256

cc72e59c942cb06960d038527cc72172fce1dbe036da4ae88c97d9b13d5f5f20
SHA512

66e3b657448c2aa3f7f370d6a80d35ac4a5e5e5d17f7405ce034f46cf44a039fd6bae4e2145c32469d14e3e6df815c245101280a45d2b37c703e59870d6e13c2
SSDEEP

12288:HH0IS/Kx77JhJ/4gP9zySSYddvV9amvejA:nvzxfJvQgISSK7bn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/main.exe

Files

dc6496bf980d33f2cf091c0678eca10e_JaffaCakes118
.zip
main.exe
.exe windows:4 windows x86 arch:x86

83658bd78e73bdca395ba371808c6883

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetStartupInfoA
QueryPerformanceFrequency
GetFileAttributesA
CreateEventA
GetModuleHandleA
GetPrivateProfileStringA
CreateProcessA
OutputDebugStringA
GetTickCount
GetPrivateProfileIntA
lstrcatA
GetLastError
SetCurrentDirectoryA
GetLogicalDriveStringsA
GetDriveTypeA
SetErrorMode
GetVolumeInformationA
lstrcmpA
OpenMutexA
ReleaseMutex
CreateMutexA
InterlockedExchange
QueryPerformanceCounter
CloseHandle
GetLocalTime
WaitForSingleObject
Sleep
FreeLibrary
GetProcAddress
lstrcpyA

user32

TranslateMessage
UnregisterClassA
WaitForInputIdle
SetTimer
KillTimer
wsprintfA
UpdateWindow
ShowWindow
CreateWindowExA
GetSystemMetrics
RegisterClassA
LoadCursorA
LoadIconA
EnableWindow
DispatchMessageA
PeekMessageA
DestroyWindow
SetForegroundWindow
DefWindowProcA
EndPaint
GetClientRect
BeginPaint
PostMessageA
ClientToScreen
SetCursor
SetFocus
AdjustWindowRectEx
MessageBoxA
EnumDisplaySettingsA
SystemParametersInfoA
PostQuitMessage
ChangeDisplaySettingsA

gdi32

PatBlt
GetStockObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

ddraw

DirectDrawCreate

binkw32

_BinkSetSoundSystem@8
_BinkDoFrame@4
_BinkService@4
_BinkDDSurfaceType@4
_BinkOpenDirectSound@4
_BinkNextFrame@4
_BinkSetSoundTrack@4
_BinkOpen@8
_BinkPause@8
_BinkWait@4
_BinkCopyToBuffer@28
_BinkClose@4

kernel

?PointInsideTriangleQuad@@YAHAAY02M0000PAY02M@Z
?bReflectionTexGen@sCamera@@2_NA
?EnableMouse@sInput@@UAE_N_N@Z
?IsMouseEnabled@sInput@@UAE_NXZ
?Load@sGeometry@@UAEHPADH@Z
?dwrev@@YAII@Z
?ColorToVector@@YAXIAAY02M_N@Z
?GetClassID@sCamera@@UAEIXZ
?CreateStrips@sGeometry@@QAEPAEXZ
?FindSubObjectByID@sRuntimeInstance@@UAEPAU1@II@Z
?RenderTransparentFaces@sCamera@@QAEXM@Z
?SetTriangle@sBiCubicEvaluator@@QAEXAAY02M00000@Z
?EvalY@sBiCubicEvaluator@@QAEXMMPAMPAY02M@Z
?ComputeFaceNormal@@YAXAAUQuat@@AAY02M11_N@Z
?EnableTexGen@sCamera@@SA_NEEEW4TexGenMode@@PAUQuat@@PAUTransform3D@@1@Z
?LineTo3D@sCamera@@QAEXAAY02MPAUQuat@@@Z
?MoveTo3D@sCamera@@QAEXAAY02MPAUQuat@@@Z
?IsKindOf@sRuntimeClass@@UAE_NI@Z
?GetInfo@sRuntimeClass@@UAEPADXZ
??0sRuntimeClass@@QAE@PADGW4RuntimeCategory@@@Z
?GetData@sRuntimeClass@@UAEPADPAUsRuntimeInstance@@HPAH@Z
?EngAlloc@@YAPAXI@Z
?EngFree@@YAXPAX@Z
?GetScreenPixels@@YAXHHHHPAXPAW4PixelFormat@@PAW4DataType@@@Z
?GetViewport@@YAXAAH0@Z
?Close3DEngine@@YAXXZ
?InitEval@sTextureManager@@QAEXXZ
?Tex@@3UsTextureManager@@A
??1sObject@@UAE@XZ
?activeCamera@sCamera@@2PAU1@A
??_7sCamera@@6B@
??1sMaterial@@UAE@XZ
?BufferSwap@@YAI_N0@Z
?EndDrawPrimitive@sCamera@@QAEXXZ
?DrawBitmap@sCamera@@QAEXMMMMMMMMMMMMM@Z
?BeginDrawPrimitive@sCamera@@QAEXPAUsMaterial@@H_N@Z
?ClearViewport@sCamera@@UAEXHII@Z
?SetActive@sCamera@@UAEXXZ
??0sCamera@@QAE@PAUsObject@@PAUsGeometry@@MMMMMMMM@Z
?Init3DEngine@@YA_NHHH_NH0@Z
?RandomSeed@@YAXI@Z
??0sMaterial@@QAE@IIMMMIPAUsTexture@@PAPAUsRuntimeInstance@@@Z
?Input@sInput@@2PAU1@A
?WriteMessage@@3P6AXPAD@ZA
?SetMouseSenzitivity@sInput@@UAEXMM@Z
??0sRefTarget@@QAE@PAPAUsRuntimeInstance@@@Z
?GetClassID@sAutoList@@UAEIXZ
?IsKindOf@sAutoList@@UAE_NI@Z
??0sAutoList@@QAE@PAPAU0@@Z
?Remove@sAutoList@@QAEXXZ
?Link@sAutoList@@QAEXPAPAU1@@Z
?SetRotation@Transform3D@@QAEXMMMW4AxisMode@@@Z
?GetRuntimeClass@sRuntimeClass@@SAPAU1@PAD@Z
?GetDefBezierTangents@@YAMPAMHHH0@Z
?UpdateMatrix@sObject@@QAEXH@Z
?VectorialProduct@@YAXAAY02M00@Z
?VectorInverseRotate@@YAXAAY02MAAY122M0@Z
?GetBezierCoefs@@YAXAAUQuat@@MMMM@Z
?ComputeCurrentSector@sCamera@@UAEXPAUsObject@@@Z
?SetWorld@sCamera@@UAEXPAUsObject@@@Z
?Normalize@@YAMAAY02M0@Z
?AfterRender@sRenderController@@UAEXPAUsCamera@@PAUTransform3D@@PAUQuat@@H_N@Z
??_7sVirtual@@6B@
?Render@sCamera@@UAEXXZ
?IsKindOf@sVirtual@@UAE_NI@Z
?Answer@cEngAnswer@@UAEHHHH@Z
?GetClassID@sVirtual@@UAEIXZ
?Merge@cEngAnswer@@QAEXPAD@Z
?Load@cAnswer@@QAE_NPAD@Z
?globallist@sGeometry@@2PAU1@A
?Rotate@Transform3D@@QAEXIMH@Z
?SetColorMask@sCamera@@SA_NE@Z
?SetParameters@sCamera@@QAEXMMMMMMMM@Z
?camlist@sCamera@@2PAU1@A
??_7sLight@@6B@
?EnableDepthWrite@sCamera@@SAX_N@Z
??1sRefTarget@@UAE@XZ
?CrtMaxAnisotropy@sTexture@@2MA
??_7sRenderController@@6B@
??0sLight@@QAE@PAUsObject@@PAUsGeometry@@IMPAPAUsRuntimeInstance@@@Z
?GetNormalVector@@YAXAAY02M0@Z
?globallist@sMaterial@@2PAU1@A
?EnableSpecular@sCamera@@SAX_NM@Z
??0sController@@QAE@PAPAUsRuntimeInstance@@@Z
?GetMatrix@@YAXAAY122MAAY02M1W4GetMatrixMode@@@Z
?Create@sRuntimeClass@@SAPAUsRuntimeInstance@@PADPAPAU2@II@Z
?GetClassID@sRenderController@@UAEIXZ
?SetColor@sMaterial@@QAEXPAUQuat@@@Z
?Clone@sRuntimeInstance@@UAEPAU1@XZ
?FindSubObjectByID@sRefTarget@@UAEPAUsRuntimeInstance@@II@Z
?IsKindOf@sRenderController@@UAE_NI@Z
?Action@sRenderController@@UAEXM@Z
?Reset@sController@@UAEXXZ
?Load@sRuntimeInstance@@UAEHPADH@Z
?GetClassID@sParallelLight@@UAEIXZ
?IsKindOf@sParallelLight@@UAE_NI@Z
?Stop@sController@@UAEXXZ
?Affect@sParallelLight@@UAE_NPAUsObject@@@Z
?GetClassID@sAmbientLight@@UAEIXZ
?Clone@sParallelLight@@UAEPAUsRuntimeInstance@@XZ
?Clone@sAmbientLight@@UAEPAUsRuntimeInstance@@XZ
?Affect@sAmbientLight@@UAE_NPAUsObject@@@Z
?IsKindOf@sAmbientLight@@UAE_NI@Z
?MoveTo2D@sCamera@@QAEXMMI@Z
?LineTo2D@sCamera@@QAEXMMPAUQuat@@@Z
?BeginLines@sCamera@@QAEX_N@Z
?ReplaceMaterial@sGeometry@@QAEXHPAUsMaterial@@@Z
?globallist@sObject@@2PAU1@A
?EndLines@sCamera@@QAEXXZ
?RecCloneSubHierarchy@sObject@@QAEXPAU1@@Z
?FindByID@sRuntimeInstance@@QAEPAU1@II_N@Z
?FindByName@sRefTarget@@QAEPAU1@PAD@Z
?Random32@@YAIXZ
?LowRender@sCamera@@QAEXPAUsObject@@HPAUsMirrorGeometry@@@Z
?EnableDepthTest@sCamera@@SAX_N@Z
?ColorBits@sCamera@@2EA
?Update@sTexture@@QAEXHHHHHHHHH@Z
?LineTo2D@sCamera@@QAEXMMI@Z
?Assign@sController@@UAEXPAXPA_N1@Z
?MoveTo2D@sCamera@@QAEXMMPAUQuat@@@Z
?SetTexEnvFunction@sMaterial@@QAEXHW4RGBAFunc@@W4RGBASource@@11W4RGBAOp@@22W4RGBAScale@@0111223@Z
?MatrixProductWithTranspose@@YAXAAY122M00@Z
?DrawPrimitive@sCamera@@QAEXPAPAUsPoint@@_N@Z
?Inverse@Transform3D@@QAEXAAU1@@Z
?LoadModelViewMatrix@sCamera@@SA_NPAUTransform3D@@@Z
?ProjectToViewport@sCamera@@QAE_NPAMAAY02M@Z
?SetLineStyle@sCamera@@SAXMH_N@Z
?MoveTo3D@sCamera@@QAEXAAY02MI@Z
?LineTo3D@sCamera@@QAEXAAY02MI@Z
?GetTexture@sTextureManager@@QAEPAUsTexture@@PAD@Z
?AddTexture@sTextureManager@@QAEPAUsTexture@@PAD0W4MatFlag@@W4TexFormat@@HHW4DataFormat@@W4TexType@@H@Z
?VectorInverseTransform@@YAXAAY02MAAUTransform3D@@0@Z
?GetClassID@sMaterial@@UAEIXZ
?IsKindOf@sMaterial@@UAE_NI@Z
?Clone@sMaterial@@UAEPAUsRuntimeInstance@@XZ
?Action@sRefTarget@@UAEXM@Z
??_7sRuntimeInstance@@6B@
?TexEnvCaps@sMaterial@@2EA
?maxdimensions@sTexture@@2HA
??0sObject@@QAE@PAU0@PAUsGeometry@@PAPAUsRuntimeInstance@@@Z
?MatrixTranspose@@YAXAAY122M@Z
??1cAnswer@@UAE@XZ
??0cEngAnswer@@QAE@H@Z
??_7sAutoList@@6B@
?Load@sRuntimeClass@@UAEHPAUsRuntimeInstance@@PADH@Z
?PointProjectionOnLine@@YAMAAY02M00_N@Z
?FastNormalize@@YAXAAY02M0@Z
?MatrixToQuat@@YAXAAY122MAAUQuat@@@Z
?QuatToMatrix@@YAXAAUQuat@@AAY122M@Z
?ToRadAngles@Transform3D@@QAEXAAY02MW4AxisMode@@@Z
??0sController@@QAE@AAU0@@Z
?MaxMaxAnisotropy@sTexture@@2MA
??_7sInput@@6B@
?IsKindOf@sCamera@@UAE_NI@Z
?SetBlendFunction@sCamera@@SAXW4BlendFunc@@0@Z
?SetFog@sCamera@@SAXHIMMM@Z
?ChangeParent@sObject@@QAEXPAU1@_N@Z
?GetClassID@sRefTarget@@UAEIXZ
?IsKindOf@sRefTarget@@UAE_NI@Z
?MatrixProduct@@YAXAAY122M00@Z
?Init@Transform3D@@QAEX_N0@Z
??0sRuntimeInstance@@QAE@AAU0@@Z
?Update@sMaterial@@QAEXXZ
?ColorToQuat@@YAXIAAUQuat@@_N@Z
?SetRenderMode@sCamera@@SAXW4RenderMode@@@Z
?CreateDrawList@sGeometry@@QAEPAE_N0@Z
??0sRuntimeInstance@@QAE@PAPAU0@@Z
?CheckVersion@cEngAnswer@@UAE_NPAU_iobuf@@@Z
?SetWorld@cEngAnswer@@QAEXPAUsObject@@@Z
??1sGeometry@@UAE@XZ
?DeleteDrawList@sGeometry@@QAEXXZ
?fogZmax@sCamera@@2MA
?fogZmin@sCamera@@2MA
?fogcolor@sCamera@@2HA
?fogtype@sCamera@@2HA
?sFrame@sObject@@2IA
??0sGeometry@@QAE@PAPAUsRuntimeInstance@@@Z
?GetClassID@sGeometry@@UAEIXZ
?IsKindOf@sGeometry@@UAE_NI@Z
?Clone@sGeometry@@UAEPAUsRuntimeInstance@@XZ
?Render@sObject@@UAE_NPAUsCamera@@PAUTransform3D@@PAUQuat@@H_N3@Z
?ComputeCurrentSector@sObject@@UAEXPAU1@@Z
?RemoveChild@sObject@@UAEXPAU1@_N1@Z
?AddChild@sObject@@UAEXPAU1@@Z
?Action@sObject@@UAEXM@Z
?GetData@sRuntimeInstance@@UAEPADHPAH@Z
?Load@sObject@@UAEHPADH@Z
?FindSubObjectByID@sObject@@UAEPAUsRuntimeInstance@@II@Z
?GetRuntimeClass@sRuntimeInstance@@UAEPAUsRuntimeClass@@XZ
?Clone@sObject@@UAEPAUsRuntimeInstance@@XZ
?Message@sVirtual@@UAEHHII@Z
?IsKindOf@sObject@@UAE_NI@Z
?GetClassID@sObject@@UAEIXZ
?AcceptConnexion@cAnswer@@UAE_NXZ

movietex.act

?pfnGetFileInfo@movietex@@2P6A_NPBDPAHPAD_N@ZA
?IsKindOf@movietex@@UAE_NI@Z
?Action@movietex@@UAEXM@Z
?GetClassID@movietex@@UAEIXZ
??0movietex@@QAE@PAPAUsRuntimeInstance@@PAUsObject@@@Z
??1movietex@@UAE@XZ

msvcrt

gmtime
_strlwr
_chdir
_getcwd
_except_handler3
_controlfp
__p__commode
__set_app_type
__p__fmode
_initterm
_adjust_fdiv
__setusermatherr
exit
__getmainargs
_acmdln
_onexit
_XcptFilter
_exit
strcspn
__dllonexit
_CIasin
printf
toupper
memmove
malloc
fflush
free
_CIacos
ctime
strncat
_stricmp
remove
asctime
_strdate
vsprintf
strchr
atol
_strtime
fprintf
strncpy
ungetc
fgetc
ftell
rand
fseek
_endthread
fread
srand
localtime
_beginthread
time
_ftol
_purecall
strstr
strrchr
atoi
atof
fopen
strncmp
sprintf
sscanf
fwrite
fclose
_findclose
_findnext
_findfirst
_strnicmp
_strupr
_itoa
__CxxFrameHandler
_cprintf
_strcmpi
??0exception@@QAE@ABV0@@Z
_CxxThrowException
__RTDynamicCast
??1type_info@@UAE@XZ
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_snprintf

ws2_32

gethostname
__WSAFDIsSet
select
getsockname
listen
setsockopt
ioctlsocket
WSAGetLastError
shutdown
recv
recvfrom
send
sendto
connect
accept
socket
bind
closesocket
ntohs
htons
ntohl
htonl
WSACleanup
WSAStartup
inet_addr
gethostbyname
getsockopt
inet_ntoa

winmm

mciGetErrorStringA
mciSendCommandA
mixerGetNumDevs
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerOpen
mixerSetControlDetails
mixerClose
mixerGetControlDetailsA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

Sections

.text
Size: 836KB - Virtual size: 835KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sc.txt

Sharing

General

Malware Config

Signatures

Files

83658bd78e73bdca395ba371808c6883

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ddraw

binkw32

kernel

movietex.act

msvcrt

ws2_32

winmm

wininet

Sections

.text Size: 836KB - Virtual size: 835KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 52KB - Virtual size: 290KB

.text
Size: 836KB - Virtual size: 835KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 52KB - Virtual size: 290KB