2cf99bee36b42139d69482654cc9116a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cf99bee36b42139d69482654cc9116a_JaffaCakes118
Size

600KB
MD5

2cf99bee36b42139d69482654cc9116a
SHA1

669b1ed5cc29e761fa4aba34628b09de10414fc8
SHA256

765e9cb544bffa002ce6afd7d03804e3331f921c9df217d4d9022150cef93b8e
SHA512

e21c369abb3a6343133b84db917461fe901e9bc0930164bc1313d3af15d2aa6991dffa8942b5afacfd5126b6a94c638940a5e970618a90e0dc199fe07c8d6a2e
SSDEEP

12288:uFmlXuOffdob3ypi/w7xMMACIGS1fR94aI0m8djGpm04rlHATcR8ICh:uMZVhxAdSpm0slT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cf99bee36b42139d69482654cc9116a_JaffaCakes118

Files

2cf99bee36b42139d69482654cc9116a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ff986caebf0c8c029e47ed457855cf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glColor4f
glGetError
glTexCoord2fv
glHint
glViewport
glRotatef
glTranslatef
glVertex3fv
glColor4fv
glPixelStorei
glTexParameterf
glTexImage2D
glFogf
glVertex3f
glFogfv
glGetFloatv
glDisable
glTexCoord2f
glClear
glBindTexture
glClearColor
glBlendFunc
glDepthFunc
glTexEnvf
glVertex2i
glGetString
glFogi
glPushMatrix
glLoadIdentity
glMatrixMode
glVertex2f
glClearDepth
glPopMatrix
glVertex2d
glEnd
glEnable
glBegin

glu32

gluBuild2DMipmaps
gluLookAt
gluErrorString
gluOrtho2D
gluPerspective

kernel32

RtlUnwind
HeapSize
FreeEnvironmentStringsA
GetProcAddress
GetModuleFileNameA
HeapReAlloc
GetLastError
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
CloseHandle
ReadFile
CreateFileA
GetFullPathNameA
DeleteFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateEventA
CreateThread
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GlobalHandle
GlobalUnlock
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetFilePointer
WriteFile
GetLocalTime
ExitProcess
GetExitCodeThread
WaitForSingleObject
SetEvent
GlobalFree
GetTimeZoneInformation
GetSystemTime
GlobalLock
GlobalAlloc
ExitThread
WaitForMultipleObjects
GlobalMemoryStatus
lstrcpyA
_lread
_lclose
_lopen
FreeResource
LockResource
LoadResource
FindResourceA

user32

GetMessageA
RegisterClassA
LoadCursorA
LoadIconA
UpdateWindow
ScreenToClient
PostQuitMessage
ReleaseDC
GetClientRect
GetDC
SendDlgItemMessageA
SetTimer
GetParent
SetWindowLongA
GetDlgItem
KillTimer
CallWindowProcA
EnableWindow
PtInRect
PeekMessageA
GetCursorPos
SetRect
GetDlgItemTextA
SetFocus
TranslateMessage
DispatchMessageA
MessageBoxA
wsprintfA
GetAsyncKeyState
wvsprintfA
GetActiveWindow
GetWindowLongA
DialogBoxParamA
SetDlgItemTextA
SetActiveWindow
EndDialog
ChangeDisplaySettingsA
GetSystemMetrics
PostMessageA
CreateWindowExA
ShowWindow
DefWindowProcA

dsound

ord1

winmm

mciSendStringA

ptk

?OnMouseClick@ptkScene@@UAEXHHHH@Z
?OnFini@ptkScene@@UAEXXZ
?ptkSetAppInstance@@YAXPAUHINSTANCE__@@@Z
?OnMouseMove@ptkScene@@UAEXHH@Z
?OnKeyPress@ptkScene@@UAEXH@Z
?SwapBuffers@ptkScene@@QAEXXZ
??1ptkScene@@QAE@XZ
??0ptkScene@@QAE@H@Z
?GetApplication@ptkScene@@QBEPAVptkApplication@@XZ
?GetTime@ptkScene@@QAEKXZ
?Quit@ptkApplication@@QAEXXZ
?SetScene@ptkWindow@@QAEXH@Z
?IsPressed@ptkScene@@SAHH@Z
??1ptkApplication@@QAE@XZ
??1ptkWindow@@QAE@XZ
??0ptkWindow@@QAE@HHHHHH@Z
??0ptkApplication@@QAE@PAD@Z
?Run@ptkApplication@@QAEXXZ
?ShowError@Exception@@QAEXXZ

gdi32

GetObjectA
SelectPalette
SetBkMode
SetStretchBltMode
StretchDIBits
CreatePalette
RealizePalette
CreateBrushIndirect
SetBkColor
CreateDIBitmap
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
GetStockObject
SetTextColor

ole32

CoCreateInstance
CoUninitialize
CoInitialize

dplayx

ord4

Sections

.text
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DL5
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

..
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ff986caebf0c8c029e47ed457855cf6

Headers

File Characteristics

Imports

opengl32

glu32

kernel32

user32

dsound

winmm

ptk

gdi32

ole32

dplayx

Sections

.text Size: 312KB - Virtual size: 310KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 96KB - Virtual size: 1.2MB

.rsrc Size: 128KB - Virtual size: 144KB

.DL5 Size: 24KB - Virtual size: 20KB

.. Size: 24KB - Virtual size: 24KB

.text
Size: 312KB - Virtual size: 310KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 96KB - Virtual size: 1.2MB

.rsrc
Size: 128KB - Virtual size: 144KB

.DL5
Size: 24KB - Virtual size: 20KB

..
Size: 24KB - Virtual size: 24KB