3ae939bb41f22d436546f9527b3b1dba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ae939bb41f22d436546f9527b3b1dba_JaffaCakes118
Size

3.0MB
MD5

3ae939bb41f22d436546f9527b3b1dba
SHA1

1cd2bf1f9f2b48642fc7a373cd21ca67e4b5ea8e
SHA256

ea404ba84dd22c3e75cd88089448b7f17c9108f4a7dacef87bd1186486ba6b2f
SHA512

97d5fbd4d463c50b0db9b916d6f167d52d80f3c1d1f2812d9ce75551db3b448bb6b883521499c5a9f857d144d7884597f52d1cca495556da101db615562651fc
SSDEEP

49152:ILgHwMqexKfl3l4fohZv4WLIpm2nrLPJ1CPkGHDJW0jN7v:IXiedT/vnIpmY7J1CMGj00jN7v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ae939bb41f22d436546f9527b3b1dba_JaffaCakes118

Files

3ae939bb41f22d436546f9527b3b1dba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bab33bfa41823efb6ba95ccc2751a8d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Speed\Pc\cd\SpeedR.pdb

Imports

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

user32

SetWindowLongA
ShowCursor
PostThreadMessageA
wsprintfA
GetForegroundWindow
GetKeyState
keybd_event
RegisterClassA
IsIconic
GetWindowLongA
AdjustWindowRectEx
CreateWindowExA
GetDesktopWindow
ShowWindow
SetFocus
ClientToScreen
UnhookWindowsHookEx
wvsprintfA
SetCursorPos
EndPaint
DestroyWindow
GetMessageA
PostQuitMessage
SetCapture
BeginPaint
TranslateMessage
PeekMessageA
DefWindowProcA
PostMessageA
DispatchMessageA
ReleaseCapture
SetCursor
GetWindowRect
RegisterClassExA
SetForegroundWindow
GetClientRect
SetWindowsHookExA
LoadCursorA
AdjustWindowRect
SetRect
UnregisterClassA
SetActiveWindow
GetSystemMetrics
SetWindowPos
LoadIconA
CharUpperA
SystemParametersInfoA
SendNotifyMessageA
CallNextHookEx
GetAsyncKeyState
UpdateWindow

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA

winmm

timeGetTime
timeBeginPeriod
timeKillEvent
timeSetEvent
timeEndPeriod
timeGetDevCaps

gdi32

GetStockObject
DeleteObject

shfolder

SHGetFolderPathA

shell32

ShellExecuteA

ws2_32

socket
shutdown
bind
connect
ioctlsocket
setsockopt
WSAStartup
WSAGetLastError
closesocket
listen
accept
sendto
send
recvfrom
recv
getsockopt
select
getpeername
getsockname
WSAIoctl
gethostbyname
WSACleanup
ntohl
ntohs
htons
htonl

kernel32

GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
ReadConsoleInputA
IsBadCodePtr
SetUnhandledExceptionFilter
SetStdHandle
VirtualQuery
VirtualProtect
GetOEMCP
GetACP
GetCurrentProcessId
GetStringTypeW
GetStringTypeA
IsValidCodePage
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
IsValidLocale
EnumSystemLocalesA
CompareStringA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
RaiseException
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
HeapReAlloc
HeapCreate
HeapDestroy
TlsAlloc
TlsFree
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TlsGetValue
TlsSetValue
ExitThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
Process32First
Sleep
GetLastError
GetLongPathNameA
Process32Next
CreateToolhelp32Snapshot
CloseHandle
GetVersionExA
GetCurrentDirectoryA
FindClose
FindFirstFileA
DeleteFileA
CreateDirectoryA
SetCurrentDirectoryA
WaitForSingleObject
GetModuleHandleA
GetLogicalDrives
GetDriveTypeA
SuspendThread
ResumeThread
OutputDebugStringA
GetTimeFormatA
GetDateFormatA
SetProcessAffinityMask
SetPriorityClass
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThread
GetPriorityClass
SetThreadPriority
GetThreadPriority
GetProcessAffinityMask
QueryPerformanceFrequency
IsBadReadPtr
IsBadWritePtr
GetSystemInfo
IsProcessorFeaturePresent
lstrcmpiA
GetFullPathNameA
WideCharToMultiByte
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileA
CreateFileW
UnmapViewOfFile
GetProcAddress
LoadLibraryA
SetEvent
ResetEvent
SetLastError
CreateEventA
LocalFree
FormatMessageA
WriteFile
SetFilePointer
MoveFileA
ReadFile
GetVolumeInformationA
SetEndOfFile
GetLogicalDriveStringsA
GetDiskFreeSpaceA
TerminateThread
SleepEx
GetCurrentThreadId
GetExitCodeThread
DuplicateHandle
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
CreateMutexA
ReleaseMutex
VirtualFree
VirtualAlloc
CreateThread
InterlockedExchange
HeapFree
GetProcessHeap
HeapAlloc
WaitCommEvent
GetOverlappedResult
SetCommMask
WaitForMultipleObjects
PurgeComm
SetCommState
GetCommState
SetCommConfig
GetCommConfig
SetCommTimeouts
SetupComm
GetCommandLineA
ExitProcess
TerminateProcess

dsound

ord1

ddraw

DirectDrawCreate

tapi32

lineOpen
lineGetDevCaps
lineShutdown
lineInitialize
lineAnswer
lineMakeCall
lineGetID
lineClose
lineNegotiateAPIVersion

netapi32

Netbios

dinput

DirectInputCreateA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 824KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bab33bfa41823efb6ba95ccc2751a8d1

Headers

File Characteristics

PDB Paths

Imports

d3d9

dinput8

user32

advapi32

winmm

gdi32

shfolder

shell32

ws2_32

kernel32

dsound

ddraw

tapi32

netapi32

dinput

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 248KB - Virtual size: 245KB

.data Size: 264KB - Virtual size: 824KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 248KB - Virtual size: 245KB

.data
Size: 264KB - Virtual size: 824KB