125289c6e3f9efe241b79882f5dc12b0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

125289c6e3f9efe241b79882f5dc12b0_JaffaCakes118
Size

528KB
MD5

125289c6e3f9efe241b79882f5dc12b0
SHA1

9862e9d2adef43baed1fb1bc480e0f19209aa47d
SHA256

32673005ef9c99f1e91ae41932cef86531bca0ab162da45b6811d6c56eb1553b
SHA512

ee0ed26d42572fa03e6fa6762da6ddb33d5a41d38d2096541e260d7a1da4e61f4ba033ba28076f6f16f9793860939e5ce4e113ad1f1bc86489cf8c2877c2babb
SSDEEP

12288:PZlzgyos4qTO2GZD+v9usPbD/hRzjx83Xu0/7:LSRW3P3/hRz0uE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
125289c6e3f9efe241b79882f5dc12b0_JaffaCakes118

Files

125289c6e3f9efe241b79882f5dc12b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6aaac86a7cc6d8f5f6b28ffc093ed99d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\temp\BonPlayer\Release\VladPlayerII.pdb

Imports

winmm

timeGetTime

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

iphlpapi

GetAdaptersInfo

kernel32

SetEndOfFile
GetPrivateProfileIntW
WritePrivateProfileStringW
SetErrorMode
GetStartupInfoW
ExitProcess
RtlUnwind
HeapReAlloc
GetCPInfo
ExitThread
HeapSize
VirtualProtect
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetOEMCP
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
LCMapStringA
LCMapStringW
FlushFileBuffers
WriteFile
SystemTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
ResumeThread
lstrcmpA
lstrcmpiA
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GetProfileIntW
SetLastError
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GlobalFree
FreeResource
GetTickCount
GetCurrentThread
lstrcmpiW
GetModuleHandleW
VirtualAlloc
CreateSemaphoreW
VirtualFree
GetSystemInfo
CreateEventW
CreateThread
WaitForMultipleObjects
ResetEvent
CreateMutexW
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
GetCurrentProcessId
Process32FirstW
Process32NextW
DuplicateHandle
CreateSemaphoreA
ReleaseSemaphore
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcmpW
GlobalAlloc
HeapAlloc
GetCurrentProcess
FlushInstructionCache
MulDiv
lstrcpyW
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
HeapFree
RaiseException
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
SetFilePointer
MultiByteToWideChar
lstrlenW
SetEvent
WaitForSingleObject
GetModuleFileNameW
CreateEventA
GetVersion
GetFullPathNameW
GetFileAttributesW
GetLastError
CreateFileW
GetFileSize
ReadFile
CloseHandle
GlobalLock
GlobalUnlock
GetCurrentThreadId
lstrcpynW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
CreateFileA
FreeEnvironmentStringsA

user32

SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
MoveWindow
IsDialogMessageW
SetDlgItemTextW
WinHelpW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SendDlgItemMessageW
SendDlgItemMessageA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
UpdateWindow
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
SystemParametersInfoA
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
DispatchMessageW
PeekMessageW
FindWindowW
SendMessageTimeoutW
ShowWindow
GetCapture
ClientToScreen
SetCursor
GetPropW
RemovePropW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateAcceleratorTableW
CharNextW
GetClassNameW
SetWindowPos
RedrawWindow
GetDlgItem
IsChild
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcW
InvalidateRgn
SetCapture
ReleaseCapture
PostThreadMessageW
DefWindowProcW
UnregisterClassW
CreateWindowExW
GetWindowLongW
SetWindowLongW
SetFocus
MessageBoxW
RegisterClipboardFormatW
GetSystemMetrics
LoadIconW
IsIconic
SetMenu
GetMenu
LoadMenuW
ModifyMenuW
GetSubMenu
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
DrawIcon
DestroyWindow
GetSysColorBrush
GetMessageW
TranslateMessage
ValidateRect
SetForegroundWindow
InflateRect
IntersectRect
SystemParametersInfoW
IsWindowVisible
PostMessageW
GetSysColor
GetFocus
LockWindowUpdate
DrawFocusRect
CopyRect
FillRect
EnumThreadWindows
EqualRect
DestroyMenu
PostQuitMessage
GetWindowPlacement
WindowFromPoint
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
InvalidateRect
wsprintfW
GetDlgCtrlID
GetAsyncKeyState
GetCursorPos
EnableWindow
GetParent
KillTimer
SetTimer
ReleaseDC
GetDC
ScreenToClient
GetWindowRect
IsZoomed
SendMessageW
OffsetRect
PtInRect
IsWindow
GetDesktopWindow
GetClientRect
SetPropW
GetKeyState

gdi32

CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
DeleteObject
GetTextExtentPoint32W
PtInRegion
PtVisible
CreatePolygonRgn
SetMapMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
SetBkColor
GetClipBox
CreateFontIndirectW
SetTextColor
GetStockObject
GetObjectW
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
CreateSolidBrush

comdlg32

GetOpenFileNameW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

Shell_NotifyIconW
DragQueryFileW

comctl32

ImageList_GetIconSize
ImageList_Draw
ImageList_DrawEx
ord17
ImageList_Destroy
ImageList_Create

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

StringFromGUID2
CoUninitialize
CoTaskMemAlloc
OleInitialize
CoCreateInstance
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemFree
ReleaseStgMedium
OleDuplicateData
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
CoInitialize
RegisterDragDrop

oleaut32

SysAllocString
VariantChangeType
VariantInit
OleCreateFontIndirect
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
VariantClear
SysStringLen
SysFreeString
SysAllocStringLen

wininet

InternetCloseHandle
InternetSetStatusCallbackW

Sections

.text
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aaac86a7cc6d8f5f6b28ffc093ed99d

Headers

File Characteristics

PDB Paths

Imports

winmm

version

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

wininet

Sections

.text Size: 364KB - Virtual size: 361KB

.rdata Size: 96KB - Virtual size: 94KB

.data Size: 16KB - Virtual size: 32KB

.tls Size: 4KB - Virtual size: 2B

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 364KB - Virtual size: 361KB

.rdata
Size: 96KB - Virtual size: 94KB

.data
Size: 16KB - Virtual size: 32KB

.tls
Size: 4KB - Virtual size: 2B

.rsrc
Size: 44KB - Virtual size: 41KB