f074832aa483123bb79ff92daf3c9b11_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f074832aa483123bb79ff92daf3c9b11_JaffaCakes118
Size

282KB
MD5

f074832aa483123bb79ff92daf3c9b11
SHA1

d458af5858f4cffc7976482bedc0366d2da0b49a
SHA256

896b25f173de4849df4bf2508570858ed0ebdf470ba590e8776798d88e6bd086
SHA512

6f73d18abbaaaf74a977966954a2988f89ad6bab2a918359d9c26fb3447b32dd163cbfe8e5eb78ccd3a5737592656207e7aba97bcaae8ed256b3488726e8de7a
SSDEEP

6144:xbW3IIe0l2lPvmXUYU7622y6rD8bjOLDNy2vHXcHEyIcQiJ0Uvb88:pak0l5UKD8bjOLDNy2vnyIcQ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f074832aa483123bb79ff92daf3c9b11_JaffaCakes118

Files

f074832aa483123bb79ff92daf3c9b11_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f4310414bdabdaa5a1ea756f54bd186c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Devel\projects\bink\build\binkw32.pdb

Imports

user32

DestroyWindow
GetClassLongA
RegisterClassA
ChangeDisplaySettingsA
IsWindowVisible
GetSystemMetrics
GetCursorPos
DefWindowProcA
ReleaseDC
PeekMessageA
CreateWindowExA
UnregisterClassA
ShowCursor
GetTopWindow
GetWindowLongA
GetActiveWindow
GetWindowThreadProcessId
GetWindow
EndPaint
ClientToScreen
MessageBoxA
SetCursor
ScreenToClient
GetWindowRect
IsIconic
GetClientRect
BeginPaint
GetDC

gdi32

CreateDIBSection
GetDeviceCaps
StretchBlt
GetDIBits
SetPixel
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
GetPixel
DeleteDC

kernel32

RtlUnwind
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
InterlockedExchange
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualFree
VirtualQuery
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
GetSystemTimeAsFileTime
GetLocaleInfoA
VirtualProtect
WriteFile
HeapCreate
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
Sleep
GetCurrentProcessId
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
CreateFileA
SetFilePointer
ReadFile
CloseHandle
HeapAlloc
HeapFree
GetSystemInfo
WaitForSingleObject
SetEvent
CreateEventA
SetThreadPriority
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ResumeThread
CreateThread
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersionExA
GetCommandLineA

winmm

waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader
waveOutSetVolume
waveOutReset
waveOutRestart
waveOutPause
waveOutWrite
waveOutClose
timeGetTime
timeBeginPeriod
timeEndPeriod

Exports

Exports

_BinkBufferBlit@12
_BinkBufferCheckWinPos@12
_BinkBufferClear@8
_BinkBufferClose@4
_BinkBufferGetDescription@4
_BinkBufferGetError@0
_BinkBufferLock@4
_BinkBufferOpen@16
_BinkBufferSetDirectDraw@8
_BinkBufferSetHWND@8
_BinkBufferSetOffset@12
_BinkBufferSetResolution@12
_BinkBufferSetScale@12
_BinkBufferUnlock@4
_BinkCheckCursor@20
_BinkClose@4
_BinkCloseTrack@4
_BinkControlBackgroundIO@8
_BinkControlPlatformFeatures@8
_BinkCopyToBuffer@28
_BinkCopyToBufferRect@44
_BinkDDSurfaceType@4
_BinkDX8SurfaceType@4
_BinkDX9SurfaceType@4
_BinkDoFrame@4
_BinkGetError@0
_BinkGetFrameBuffersInfo@8
_BinkGetKeyFrame@12
_BinkGetPalette@4
_BinkGetRealtime@12
_BinkGetRects@8
_BinkGetSummary@8
_BinkGetTrackData@8
_BinkGetTrackID@8
_BinkGetTrackMaxSize@8
_BinkGetTrackType@8
_BinkGoto@12
_BinkIsSoftwareCursor@8
_BinkLogoAddress@0
_BinkNextFrame@4
_BinkOpen@8
_BinkOpenDirectSound@4
_BinkOpenMiles@4
_BinkOpenTrack@8
_BinkOpenWaveOut@4
_BinkPause@8
_BinkRegisterFrameBuffers@8
_BinkRestoreCursor@4
_BinkService@4
_BinkSetError@4
_BinkSetFrameRate@8
_BinkSetIO@4
_BinkSetIOSize@4
_BinkSetMemory@8
_BinkSetMixBinVolumes@20
_BinkSetMixBins@16
_BinkSetPan@12
_BinkSetSimulate@4
_BinkSetSoundOnOff@8
_BinkSetSoundSystem@8
_BinkSetSoundTrack@8
_BinkSetVideoOnOff@8
_BinkSetVolume@12
_BinkShouldSkip@4
_BinkWait@4
_RADTimerRead@0

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINK
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKY12
Size: 512B - Virtual size: 506B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKY16
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKP8
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINKBSS
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BINKDATA
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4310414bdabdaa5a1ea756f54bd186c

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

winmm

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

BINK Size: 87KB - Virtual size: 87KB

BINKY12 Size: 512B - Virtual size: 506B

BINKY16 Size: 2KB - Virtual size: 2KB

BINKP8 Size: 2KB - Virtual size: 2KB

BINK16 Size: 4KB - Virtual size: 4KB

BINK32 Size: 5KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 7KB

BINKBSS Size: 21KB - Virtual size: 20KB

BINKDATA Size: 16KB - Virtual size: 15KB

.rsrc Size: 102KB - Virtual size: 102KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 23KB - Virtual size: 22KB

BINK
Size: 87KB - Virtual size: 87KB

BINKY12
Size: 512B - Virtual size: 506B

BINKY16
Size: 2KB - Virtual size: 2KB

BINKP8
Size: 2KB - Virtual size: 2KB

BINK16
Size: 4KB - Virtual size: 4KB

BINK32
Size: 5KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 7KB

BINKBSS
Size: 21KB - Virtual size: 20KB

BINKDATA
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 102KB - Virtual size: 102KB

.reloc
Size: 6KB - Virtual size: 6KB