3e91423e1aa5cf20faa2d47e5ba08e50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e91423e1aa5cf20faa2d47e5ba08e50_JaffaCakes118
Size

3.2MB
MD5

3e91423e1aa5cf20faa2d47e5ba08e50
SHA1

cab438b186a08dafc5199406e698487e81f387d3
SHA256

0c04974900dfeb10361dbe8f72124d48f0d7dce2a5ad5a349ba6a820f08dee8d
SHA512

b878ad2706f4249ffa6bf1b53b8cd20aa7144bf41bab6391de8c91ebb00d4b77ddff9ec9005514b450ee8d7db518c36edae6d2296d26e71cc002e101d9faeb8b
SSDEEP

49152:gaZnszsyljxILTlwioIUiRj5FiFfNNZ9V2BS0BMsuCTPz:4TxIOUUiRj5spZ9IBTuI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e91423e1aa5cf20faa2d47e5ba08e50_JaffaCakes118

Files

3e91423e1aa5cf20faa2d47e5ba08e50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cce9dd4b56e68d1d017286e9299ac6fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetSystemInfo
GetVersionExA
GetLocalTime
FormatMessageA
GetLastError
SetFilePointer
ReadFile
Sleep
GetCommandLineA
DeleteFileA
CreateFileA
WriteFile
UnmapViewOfFile
CloseHandle
CreateFileMappingA
MapViewOfFile
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
GetUserDefaultLCID
CreateProcessA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetOEMCP
_hread
GlobalMemoryStatus
GetACP
GetCPInfo
GetEnvironmentStringsW
FindFirstFileA
FindNextFileA
FindClose
_lopen
_lcreat
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetExitCodeProcess
GetStdHandle
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
_lwrite
OutputDebugStringA
OpenFile
GetFileSize
WaitForSingleObject
EnumSystemLocalesA
ReleaseMutex
_llseek
_hwrite
_lclose
GetTickCount
GetSystemTime
GetVolumeInformationA
_lread
MulDiv
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
CreateFileW
HeapFree
GetProcessHeap
GetProcAddress
LoadLibraryA
GetModuleHandleA
SetThreadPriority
SetPriorityClass
GetThreadPriority
GetCurrentThread
GetPriorityClass
GetCurrentProcess
FreeLibrary
RtlUnwind
HeapAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetFileType
HeapReAlloc
RaiseException
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
ResumeThread
CreateThread
TlsSetValue
ExitThread
FileTimeToSystemTime
FileTimeToLocalFileTime
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
SetStdHandle

user32

DestroyWindow
SetCursorPos
PeekMessageA
SendMessageA
GetDlgItem
SetDlgItemTextA
CreateWindowExA
ShowWindow
SetWindowTextA
SetWindowLongA
ClipCursor
GetWindowLongA
GetDesktopWindow
GetWindowRect
MoveWindow
PostMessageA
ShowCursor
GetClientRect
ClientToScreen
DefWindowProcA
PostQuitMessage
UpdateWindow
SetForegroundWindow
AdjustWindowRect
DispatchMessageA
TranslateMessage
MessageBeep
SetCapture
GetMessageA
RegisterClassA
LoadCursorA
LoadIconA
GetKeyboardState
SendInput
PtInRect
AdjustWindowRectEx
GetParent
GetWindowPlacement
IsWindow
ReleaseDC
GetDC
SendDlgItemMessageA
CheckRadioButton
MessageBoxA
EndDialog
DialogBoxParamA

gdi32

DeleteDC
SelectObject
SetTextColor
SetBkColor
CreateFontA
CreateCompatibleDC
ExtTextOutA
GetTextExtentPoint32A
SetTextAlign
GetDeviceCaps
SetMapMode
DeleteObject
CreateDIBSection
GetStockObject

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

winmm

timeGetTime
joyGetNumDevs
joyGetDevCapsA
timeGetDevCaps
timeBeginPeriod
timeKillEvent
timeEndPeriod
timeSetEvent
joyGetPosEx

wsock32

gethostbyname
ioctlsocket
WSAGetLastError
WSAStartup
WSACleanup
bind
htons
ntohl
closesocket
inet_ntoa
socket
sendto
recvfrom
inet_addr
gethostbyaddr
getsockopt
setsockopt

shlwapi

PathStripPathA
PathRemoveExtensionA
PathAddExtensionA

ibrowse

ibrowse_Sleep
ibrowse_InitEx2
ibrowse_SetCallback
ibrowse_Wake
ibrowse_OnKeyDown
ibrowse_OnChar
ibrowse_OnKeyUp
ibrowse_GetTitle
ibrowse_GetMetaValue
ibrowse_OpenURL
ibrowse_EnableRender
ibrowse_Render
ibrowse_GetCookieValue
ibrowse_GetCookieBufferData
ibrowse_OnMouse

dinput8

DirectInput8Create

apiclient

InitDll
RegisterClient
GetActiveCover

ole32

CoCreateInstance
CoInitialize

dsound

ord11

dplayx

ord1
ord4

d3d8

Direct3DCreate8

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 272KB - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cms_t
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cms_d
Size: 528KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cce9dd4b56e68d1d017286e9299ac6fd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

wsock32

shlwapi

ibrowse

dinput8

apiclient

ole32

dsound

dplayx

d3d8

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

_text Size: 172KB - Virtual size: 168KB

_TEXT Size: 4KB - Virtual size: 12B

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 272KB - Virtual size: 9.3MB

.data1 Size: 4KB - Virtual size: 2KB

.cms_t Size: 204KB - Virtual size: 204KB

.cms_d Size: 528KB - Virtual size: 525KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 1.9MB - Virtual size: 1.9MB

_text
Size: 172KB - Virtual size: 168KB

_TEXT
Size: 4KB - Virtual size: 12B

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 272KB - Virtual size: 9.3MB

.data1
Size: 4KB - Virtual size: 2KB

.cms_t
Size: 204KB - Virtual size: 204KB

.cms_d
Size: 528KB - Virtual size: 525KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 64KB - Virtual size: 64KB