eebcfad1f5975d63e5ea3f68dd92f213_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eebcfad1f5975d63e5ea3f68dd92f213_JaffaCakes118
Size

1.1MB
MD5

eebcfad1f5975d63e5ea3f68dd92f213
SHA1

06fdb760d1bdd46f4eca19e339718c14fe70a35b
SHA256

57ea7d5fe0b0be391617191fe260cc49515f2f79b99039614b9f26751d183d34
SHA512

6e8ea919fb056f83723cf2eb3bc3d92c4458b3450cc056dcad64c4ad59c969e3f0d82de4925eb29ea842f817929e6c0d44b8ab1da9ddb2fc65660c58ec3b95b2
SSDEEP

1536:KrzTNH7eajLo5N8XYtH+/3dgT2JlsJG4mnG0rtmSPu:kp7Vno5Lo/2elsJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eebcfad1f5975d63e5ea3f68dd92f213_JaffaCakes118

Files

eebcfad1f5975d63e5ea3f68dd92f213_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4da62a225070803b4765bf5f60a5d610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mss32

_AIL_redbook_set_volume@8
_AIL_end_sample@4
_AIL_release_sample_handle@4
_AIL_set_preference@8
_AIL_get_preference@4
_AIL_waveOutOpen@16
_AIL_digital_configuration@16
_AIL_waveOutClose@4
_AIL_last_error@0
_AIL_mem_alloc_lock@4
_AIL_allocate_sample_handle@4
_AIL_init_sample@4
_AIL_mem_free_lock@4
_AIL_shutdown@0
_AIL_set_redist_directory@4
_AIL_startup@0
_AIL_set_digital_master_volume@8
_AIL_redbook_track@4
_AIL_redbook_volume@4
_AIL_start_sample@4
_AIL_redbook_retract@4
_AIL_redbook_eject@4
_AIL_set_sample_loop_count@8
_AIL_set_sample_pan@8
_AIL_set_sample_volume@8
_AIL_set_sample_user_data@12
_AIL_set_sample_file@12
_AIL_set_named_sample_file@20
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_redbook_open@4
_AIL_redbook_track_info@16
_AIL_redbook_play@12
_AIL_redbook_status@4
_AIL_redbook_tracks@4
_AIL_redbook_close@4
_AIL_redbook_stop@4
_AIL_redbook_open_drive@4

binkw32

_BinkClose@4
_BinkGetError@0
_BinkGetSummary@8
_BinkSetVolume@8
_BinkOpenMiles@4
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkDDSurfaceType@4
_BinkOpen@8
_BinkService@4
_BinkNextFrame@4
_BinkCopyToBuffer@28
_BinkWait@4
_BinkPause@8
_BinkDoFrame@4

kernel32

GetTempPathA
GetTempFileNameA
SetLastError
LocalFree
VirtualProtect
DeleteFileA
RemoveDirectoryA
SetCurrentDirectoryA
lstrcpynA
SetLocalTime
GetLocalTime
CompareStringW
CompareStringA
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
IsBadCodePtr
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
VirtualAlloc
VirtualFree
HeapFree
HeapReAlloc
GetModuleFileNameA
InterlockedIncrement
LoadLibraryA
SetEndOfFile
OutputDebugStringA
GetVersion
lstrcmpiA
lstrcpyA
CreateFileMappingA
MapViewOfFile
lstrcatA
GetCurrentDirectoryA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
Sleep
GetTickCount
HeapAlloc
GetProcessHeap
GetCurrentProcessId
CloseHandle
ReadFile
GetFileSize
CreateFileA
InterlockedDecrement
DebugBreak
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
WriteFile
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
GetLastError
RaiseException
GetCurrentProcess
TerminateProcess
ExitProcess
HeapValidate
IsBadReadPtr
IsBadWritePtr
RtlUnwind
FormatMessageA
MoveFileA
CopyFileA
GetSystemInfo
UnmapViewOfFile
FlushViewOfFile
lstrcmpA
GetProcAddress
lstrlenA

user32

wvsprintfA
CharNextA
DialogBoxParamA
GetActiveWindow
SetRect
GetWindowLongA
ClipCursor
GetWindowTextA
LoadCursorA
GetUpdateRect
ValidateRect
LoadIconA
LoadImageA
GetDC
SetWindowLongA
ReleaseDC
GetClientRect
ShowCursor
GetSystemMetrics
SetCursor
GetCursorPos
RedrawWindow
DefWindowProcA
SetFocus
ClientToScreen
EndDialog
wsprintfA
MessageBoxA
GetDlgItem
PostMessageA
DrawMenuBar
SetTimer
GetMessageA
KillTimer
TranslateMessage
PeekMessageA
DispatchMessageA
SetMessageQueue
CreateWindowExA
UpdateWindow
GetWindowRect
MoveWindow
RegisterClassExA
GetMenu
AdjustWindowRectEx
SetWindowPos
PostQuitMessage
GetKeyState
SetForegroundWindow
ScreenToClient
FindWindowA
IsIconic
ShowWindow
SetCursorPos

gdi32

SetBkColor
CreateFontIndirectA
SetTextColor
GetSystemPaletteEntries
SetBkMode
GetTextExtentPoint32A
TextOutA
GetStockObject
SelectObject
GetDeviceCaps
DeleteObject

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

serverlist_player_client

ord3

lsocket

?GetHostID@@YGKXZ
?IsTCP_IPAvailable@@YG_NXZ
?GetHostIDByName@@YGKPBD@Z

objnet

_DestroyObjNet@4
_ObjNetGetBuffer@12
_CreateObjNet@0

ppnet

_DestroyLanLobbyClient@4
_CreateLanLobbyClient@24

rich5lobbyclient

_CreateRich5LobbyClient@4
_DestroyRich5LobbyClient@4

rich5_local_server

?Call_HeartBeat@@YIXXZ
?Send_Packge_To_Local_Server@@YIXFPAX@Z
?Create_Local_Server@@YI_NP6IXIPAX@Z@Z

ws2_32

inet_ntoa
WSAStartup
inet_addr
sendto
WSASocketA
setsockopt
recvfrom
WSAGetLastError
select
htons

winmm

mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
mixerOpen
mixerGetNumDevs
mciSendCommandA
mmioSetInfo
mmioGetInfo
mmioAdvance
mmioDescend
mmioSeek
mmioOpenA
mmioClose
mmioRead
mmioAscend
timeGetTime

ddraw

DirectDrawEnumerateA
DirectDrawCreate

dinput

DirectInputCreateA

Sections

.text
Size: 968KB - Virtual size: 964KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4da62a225070803b4765bf5f60a5d610

Headers

File Characteristics

Imports

mss32

binkw32

kernel32

user32

gdi32

shell32

ole32

serverlist_player_client

lsocket

objnet

ppnet

rich5lobbyclient

rich5_local_server

ws2_32

winmm

ddraw

dinput

Sections

.text Size: 968KB - Virtual size: 964KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 84KB - Virtual size: 682KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 968KB - Virtual size: 964KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 84KB - Virtual size: 682KB

.rsrc
Size: 8KB - Virtual size: 6KB