3afef9b8c601213fbf7bad12b1f7c180_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3afef9b8c601213fbf7bad12b1f7c180_JaffaCakes118
Size

548KB
MD5

3afef9b8c601213fbf7bad12b1f7c180
SHA1

4d5562daaa72d937b06f96d0a96e5437506c169c
SHA256

6eba6717ef04c81904e72d4b849a46bb2fc66a6a749a9b4361933b27486fe0d9
SHA512

406e0979d27702de76075000b435623415f4c298f9bb9e2fae290fddc5a3e418f4c545202dddd0d60fd89f1fd3a5afcbc061cd10d71f1aefc43c460cb894bbc4
SSDEEP

12288:jOyCLAt5VYrXiMjydmYXqXl1Sg4dABw2YxVk:joLAt3YryMjydmYaXlSdAB0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3afef9b8c601213fbf7bad12b1f7c180_JaffaCakes118

Files

3afef9b8c601213fbf7bad12b1f7c180_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1779cbfb156b7b553fa37e76577c28d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeGetTime

comctl32

PropertySheetA
InitCommonControlsEx
ord17
ord6

kernel32

CloseHandle
VirtualFree
WriteFile
SetFilePointer
CreateFileA
ReadFile
lstrcmpiA
FindClose
FindNextFileA
FindFirstFileA
GetProcAddress
LoadLibraryA
CreateDirectoryA
GetLastError
LocalFree
VirtualProtect
TerminateThread
GetExitCodeThread
PulseEvent
SuspendThread
ReleaseMutex
WaitForSingleObject
VirtualAlloc
ResumeThread
QueryPerformanceCounter
CreateEventA
GetFileSize
SetThreadPriority
GetCurrentThread
FreeLibrary
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStringTypeW
GetPrivateProfileSectionNamesA
MultiByteToWideChar
GetFileType
GetStdHandle
SetHandleCount
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapCreate
HeapDestroy
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
GetEnvironmentStringsW
LCMapStringA
GetEnvironmentStrings
LCMapStringW
SetStdHandle
ExitThread
CreateThread
Sleep
CreateMutexA
QueryPerformanceFrequency
lstrcpyA
DeleteFileA
SetEndOfFile
FormatMessageA
GetModuleFileNameA
GetStringTypeA

user32

ModifyMenuA
PeekMessageA
MsgWaitForMultipleObjects
GetDlgItemInt
CreateMenu
FillRect
DrawTextA
IsWindow
GetSystemMetrics
DeleteMenu
IsMenu
SetWindowTextA
IsWindowVisible
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
InsertMenuItemA
RegisterClassA
ValidateRect
IsIconic
GetWindowRect
PostQuitMessage
DestroyWindow
DefWindowProcA
ShowCursor
GetMenuItemInfoA
SetMenuItemInfoA
GetSubMenu
DrawMenuBar
SetActiveWindow
SetRect
GetMenu
AdjustWindowRectEx
MoveWindow
EnableWindow
BeginPaint
EndPaint
EnableMenuItem
GetMenuState
CheckMenuItem
InvalidateRect
ShowWindow
GetClientRect
GetWindowPlacement
CreateDialogParamA
SetWindowPos
SetForegroundWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
GetMessagePos
MapWindowPoints
DialogBoxParamA
MessageBoxA
SetFocus
SendDlgItemMessageA
PostMessageA
EndDialog
GetDlgItem
SendMessageA
GetDlgItemTextA
SetDlgItemTextA
LoadIconA

gdi32

CreateSolidBrush
CreateFontIndirectA
SetBkMode
GetStockObject
TextOutA
SetTextColor
SelectObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHChangeNotify
ShellExecuteA
SHBrowseForFolderA

kailleraclient

_kailleraEndGame@0
_kailleraSelectServerDialog@4
_kailleraSetInfos@4
_kailleraShutdown@0
_kailleraInit@0
_kailleraModifyPlayValues@8
_kailleraChatSend@4

Sections

.text
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1779cbfb156b7b553fa37e76577c28d3

Headers

File Characteristics

Imports

winmm

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

kailleraclient

Sections

.text Size: 380KB - Virtual size: 377KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 40KB - Virtual size: 350KB

.rsrc Size: 112KB - Virtual size: 110KB

.text
Size: 380KB - Virtual size: 377KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 40KB - Virtual size: 350KB

.rsrc
Size: 112KB - Virtual size: 110KB