fb61a684c5b64dc6c305106fadff9c65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb61a684c5b64dc6c305106fadff9c65_JaffaCakes118
Size

249KB
MD5

fb61a684c5b64dc6c305106fadff9c65
SHA1

e4de537ba5fdf0d8a46f314231faed8dd56899cc
SHA256

585a6433bf63a116aa112c4445ec4f3d75253bb4de940fe3e8ab65bce93bf531
SHA512

c6528ae66d0adbee019e4549314ac788332c3ece3526fafbeef4f4137e34f64b4943f52707912e23cf8e6e993a75910e9fb478395eedd7e7b57325241dbfbfc1
SSDEEP

6144:ta561ufiVq40ztxNP0/coc6H43wT66vlmyNBo:tl1u6840jBXyo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb61a684c5b64dc6c305106fadff9c65_JaffaCakes118

Files

fb61a684c5b64dc6c305106fadff9c65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33d909740e3a31f0151bf5de0718e1f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

ChoosePixelFormat
CreateFontA
DeleteObject
GetObjectA
SelectObject
SetPixelFormat
SwapBuffers

glu32

gluBuild2DMipmaps
gluPerspective
gluProject

kernel32

AllocConsole
CloseHandle
CreateFileA
CreateMutexA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeConsole
GetCommandLineA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleHandleA
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetVersionExA
GetWindowsDirectoryA
InterlockedIncrement
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject

msvcrt

_close
_fileno
_fstat
_isatty
_itoa
_lseek
_ltoa
_open
_read
_write
_HUGE
__getmainargs
__mb_cur_max
__p__environ
__set_app_type
_assert
_cexit
_errno
_fdopen
_fileno
_fmode
_fpreset
_iob
_isctype
_open_osfhandle
_pctype
_setmode
abort
acos
atan
atexit
atoi
clock
cos
ctime
exit
fclose
feof
fflush
fopen
fprintf
fread
free
fscanf
fseek
fwrite
getc
malloc
memchr
memcmp
memcpy
memmove
memset
printf
rand
signal
sin
sprintf
sqrt
strcat
strcmp
strcpy
strlen
strtok
strtol
strtoul
tan
time
vsprintf

opengl32

glAlphaFunc
glBegin
glBindTexture
glBlendFunc
glCallList
glCallLists
glClear
glClearColor
glClearDepth
glColor3f
glColor3ub
glColor4f
glColorMask
glCullFace
glDeleteLists
glDeleteTextures
glDepthFunc
glDisable
glEnable
glEnd
glEndList
glFlush
glFogf
glFogfv
glFogi
glFrontFace
glGenLists
glGenTextures
glGetDoublev
glGetIntegerv
glGetString
glHint
glIsList
glLightfv
glListBase
glLoadIdentity
glMatrixMode
glNewList
glNormal3f
glOrtho
glPolygonMode
glPopAttrib
glPopMatrix
glPushAttrib
glPushMatrix
glRasterPos2i
glReadPixels
glRotatef
glScalef
glShadeModel
glStencilFunc
glStencilOp
glTexCoord2f
glTexGeni
glTexImage2D
glTexParameteri
glTranslatef
glVertex2f
glVertex3f
glViewport
wglCreateContext
wglDeleteContext
wglMakeCurrent
wglUseFontBitmapsA

user32

AdjustWindowRectEx
ChangeDisplaySettingsA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetDC
LoadCursorA
LoadIconA
LoadImageA
MessageBoxA
PeekMessageA
PostQuitMessage
RegisterClassA
ReleaseDC
SetCursorPos
SetFocus
SetForegroundWindow
ShowCursor
ShowWindow
TranslateMessage
UnregisterClassA

winmm

joyReleaseCapture
joySetCapture

fmod

_FSOUND_Sample_Load@16
_FSOUND_StopSound@4
_FSOUND_Sample_Free@4
_FSOUND_IsPlaying@4
_FSOUND_PlaySound@8
_FSOUND_SetVolume@8
_FSOUND_SetFrequency@8
_FSOUND_SetPan@8
_FSOUND_SetPaused@8
_FSOUND_Init@12
_FSOUND_SetSFXMasterVolume@4
_FSOUND_GetCurrentPosition@4

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rrjupup
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33d909740e3a31f0151bf5de0718e1f2

Headers

File Characteristics

Imports

advapi32

gdi32

glu32

kernel32

msvcrt

opengl32

user32

winmm

fmod

Sections

.text Size: 235KB - Virtual size: 234KB

.data Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 1.2MB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 32KB

rrjupup Size: - Virtual size: 4KB

.text
Size: 235KB - Virtual size: 234KB

.data
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 1.2MB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 32KB

rrjupup
Size: - Virtual size: 4KB