3f8f4d46437c2625558c67cde26d0934_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f8f4d46437c2625558c67cde26d0934_JaffaCakes118
Size

387KB
MD5

3f8f4d46437c2625558c67cde26d0934
SHA1

6228286415b80d2a2695ba77a545374a548a101c
SHA256

739c283e730c384adb87ed7b0a4c500ff3f99bf7c92b6c8f1484b2ced7255b8b
SHA512

201ca6041309fe3a2983d80f10f3bb26db287c0432bbe910f3856d1deb9b97a0f51d9b1b52aae414f257fa6185a1030efc9470a3cde15cbe9c82057caabd48e4
SSDEEP

12288:b2xHCc4QvqT+SBxGGSwa6O2y2+Kdf1vgiJ:pc4QvqT+SBxGGSwa6O2y2+KdJgi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f8f4d46437c2625558c67cde26d0934_JaffaCakes118

Files

3f8f4d46437c2625558c67cde26d0934_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5654872fe1bf46f5b5bfe50e7a2a0fa7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Devel\projects\bink\build\binkw32.pdb

Imports

user32

DestroyWindow
GetClassLongA
RegisterClassA
ChangeDisplaySettingsA
IsWindowVisible
GetSystemMetrics
GetCursorPos
DefWindowProcA
ReleaseDC
PeekMessageA
CreateWindowExA
UnregisterClassA
ShowCursor
GetTopWindow
GetWindowLongA
GetActiveWindow
GetWindowThreadProcessId
GetWindow
EndPaint
ClientToScreen
MessageBoxA
SetCursor
ScreenToClient
GetWindowRect
IsIconic
GetClientRect
BeginPaint
GetDC

gdi32

CreateDIBSection
GetDeviceCaps
StretchBlt
GetDIBits
SetPixel
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
GetPixel
DeleteDC

kernel32

RtlUnwind
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
InterlockedExchange
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualFree
VirtualQuery
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
GetSystemTimeAsFileTime
GetLocaleInfoA
VirtualProtect
WriteFile
WaitForSingleObject
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
Sleep
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
CreateFileA
SetFilePointer
ReadFile
CloseHandle
HeapAlloc
HeapFree
HeapCreate
GetSystemInfo
SetEvent
CreateEventA
SetThreadPriority
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ResumeThread
CreateThread
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersionExA
GetCommandLineA

winmm

waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader
waveOutSetVolume
waveOutReset
waveOutRestart
waveOutPause
waveOutWrite
waveOutClose
timeGetTime
timeBeginPeriod
timeEndPeriod

Exports

Exports

_BinkBufferBlit@12
_BinkBufferCheckWinPos@12
_BinkBufferClear@8
_BinkBufferClose@4
_BinkBufferGetDescription@4
_BinkBufferGetError@0
_BinkBufferLock@4
_BinkBufferOpen@16
_BinkBufferSetDirectDraw@8
_BinkBufferSetHWND@8
_BinkBufferSetOffset@12
_BinkBufferSetResolution@12
_BinkBufferSetScale@12
_BinkBufferUnlock@4
_BinkCheckCursor@20
_BinkClose@4
_BinkCloseTrack@4
_BinkCopyToBuffer@28
_BinkCopyToBufferRect@44
_BinkDDSurfaceType@4
_BinkDX8SurfaceType@4
_BinkDX9SurfaceType@4
_BinkDoFrame@4
_BinkGetError@0
_BinkGetFrameBuffersInfo@8
_BinkGetKeyFrame@12
_BinkGetRealtime@12
_BinkGetRects@8
_BinkGetSummary@8
_BinkGetTrackData@8
_BinkGetTrackID@8
_BinkGetTrackMaxSize@8
_BinkGetTrackType@8
_BinkGoto@12
_BinkIsSoftwareCursor@8
_BinkLogoAddress@0
_BinkNextFrame@4
_BinkOpen@8
_BinkOpenDirectSound@4
_BinkOpenMiles@4
_BinkOpenTrack@8
_BinkOpenWaveOut@4
_BinkPause@8
_BinkRegisterFrameBuffers@8
_BinkRestoreCursor@4
_BinkService@4
_BinkSetError@4
_BinkSetFrameRate@8
_BinkSetIO@4
_BinkSetIOSize@4
_BinkSetMemory@8
_BinkSetMixBinVolumes@20
_BinkSetMixBins@16
_BinkSetPan@12
_BinkSetSimulate@4
_BinkSetSoundOnOff@8
_BinkSetSoundSystem@8
_BinkSetSoundTrack@8
_BinkSetVideoOnOff@8
_BinkSetVolume@12
_BinkWait@4
_RADTimerRead@0
_YUV_blit_16a1bpp@40
_YUV_blit_16a1bpp_mask@48
_YUV_blit_16a4bpp@40
_YUV_blit_16a4bpp_mask@48
_YUV_blit_16bpp@40
_YUV_blit_16bpp_mask@48
_YUV_blit_24bpp@40
_YUV_blit_24bpp_mask@48
_YUV_blit_24rbpp@40
_YUV_blit_24rbpp_mask@48
_YUV_blit_32abpp@40
_YUV_blit_32abpp_mask@48
_YUV_blit_32bpp@40
_YUV_blit_32bpp_mask@48
_YUV_blit_32rabpp@40
_YUV_blit_32rabpp_mask@48
_YUV_blit_32rbpp@40
_YUV_blit_32rbpp_mask@48
_YUV_blit_UYVY@40
_YUV_blit_UYVY_mask@48
_YUV_blit_YUY2@40
_YUV_blit_YUY2_mask@48
_YUV_blit_YV12@44
_YUV_init@4

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK4444
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK5551
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32A
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16X2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32X2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16MX
Size: 1024B - Virtual size: 515B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32MX
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16M
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32M
Size: 1024B - Virtual size: 547B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 361B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32R
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32RA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32RX
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24X2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24M
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24R
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24RX
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24RM
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 369B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 327B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYV12
Size: 1024B - Virtual size: 653B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINKDATA
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5654872fe1bf46f5b5bfe50e7a2a0fa7

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

winmm

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

BINK Size: 74KB - Virtual size: 73KB

BINK16 Size: 6KB - Virtual size: 6KB

BINK4444 Size: 7KB - Virtual size: 7KB

BINK5551 Size: 7KB - Virtual size: 7KB

BINK32 Size: 6KB - Virtual size: 6KB

BINK32A Size: 7KB - Virtual size: 7KB

BINK16X2 Size: 3KB - Virtual size: 3KB

BINK32X2 Size: 3KB - Virtual size: 3KB

BINK16MX Size: 1024B - Virtual size: 515B

BINK32MX Size: 1024B - Virtual size: 687B

BINK16M Size: 512B - Virtual size: 503B

BINK32M Size: 1024B - Virtual size: 547B

BINKYUY2 Size: 512B - Virtual size: 361B

BINKYUY2 Size: 3KB - Virtual size: 3KB

BINKYUY2 Size: 512B - Virtual size: 492B

BINKYUY2 Size: 512B - Virtual size: 292B

BINK32R Size: 5KB - Virtual size: 5KB

BINK32RA Size: 6KB - Virtual size: 5KB

BINK32RX Size: 3KB - Virtual size: 3KB

BINK24 Size: 7KB - Virtual size: 7KB

BINK24X2 Size: 4KB - Virtual size: 4KB

BINK24M Size: 1024B - Virtual size: 714B

BINK24R Size: 6KB - Virtual size: 6KB

BINK24RX Size: 4KB - Virtual size: 4KB

BINK24RM Size: 1024B - Virtual size: 804B

BINKUYVY Size: 512B - Virtual size: 488B

BINKUYVY Size: 512B - Virtual size: 369B

BINKUYVY Size: 3KB - Virtual size: 3KB

BINKUYVY Size: 512B - Virtual size: 327B

BINKYV12 Size: 1024B - Virtual size: 653B

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 4KB

BINKDATA Size: 111KB - Virtual size: 111KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 41KB - Virtual size: 40KB

BINK
Size: 74KB - Virtual size: 73KB

BINK16
Size: 6KB - Virtual size: 6KB

BINK4444
Size: 7KB - Virtual size: 7KB

BINK5551
Size: 7KB - Virtual size: 7KB

BINK32
Size: 6KB - Virtual size: 6KB

BINK32A
Size: 7KB - Virtual size: 7KB

BINK16X2
Size: 3KB - Virtual size: 3KB

BINK32X2
Size: 3KB - Virtual size: 3KB

BINK16MX
Size: 1024B - Virtual size: 515B

BINK32MX
Size: 1024B - Virtual size: 687B

BINK16M
Size: 512B - Virtual size: 503B

BINK32M
Size: 1024B - Virtual size: 547B

BINKYUY2
Size: 512B - Virtual size: 361B

BINKYUY2
Size: 3KB - Virtual size: 3KB

BINKYUY2
Size: 512B - Virtual size: 492B

BINKYUY2
Size: 512B - Virtual size: 292B

BINK32R
Size: 5KB - Virtual size: 5KB

BINK32RA
Size: 6KB - Virtual size: 5KB

BINK32RX
Size: 3KB - Virtual size: 3KB

BINK24
Size: 7KB - Virtual size: 7KB

BINK24X2
Size: 4KB - Virtual size: 4KB

BINK24M
Size: 1024B - Virtual size: 714B

BINK24R
Size: 6KB - Virtual size: 6KB

BINK24RX
Size: 4KB - Virtual size: 4KB

BINK24RM
Size: 1024B - Virtual size: 804B

BINKUYVY
Size: 512B - Virtual size: 488B

BINKUYVY
Size: 512B - Virtual size: 369B

BINKUYVY
Size: 3KB - Virtual size: 3KB

BINKUYVY
Size: 512B - Virtual size: 327B

BINKYV12
Size: 1024B - Virtual size: 653B

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 4KB

BINKDATA
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 21KB - Virtual size: 20KB