550c01afc68a03c8d466ae6b25ffbc2b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

550c01afc68a03c8d466ae6b25ffbc2b_JaffaCakes118
Size

3.4MB
MD5

550c01afc68a03c8d466ae6b25ffbc2b
SHA1

e5af92f58780efa12bb2ff7f5e7519e088510802
SHA256

c2be89bdd5578edb3cc93709641ead2854599a8e3fb7f3139d6a5b827408b645
SHA512

39c964788eae3ae211bf586ce3f8d66ba54e6185f0e4dca21b532cf8506a46beea3c0038dfee1d5d26294d941b65e705bcdec82e24c14ab7d3f5e0422fb40e4d
SSDEEP

49152:zAq7vQzgat876r3Ivdb+w836qTxFqrXTWIwh:8g7K3I0w47sqh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
550c01afc68a03c8d466ae6b25ffbc2b_JaffaCakes118

Files

550c01afc68a03c8d466ae6b25ffbc2b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8ba9e6948a5af16237e037d475f9b44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\_Digitalic\DM\DM\DigimonMasters.pdb

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

imm32

ImmGetIMEFileNameA
ImmReleaseContext
ImmGetOpenStatus
ImmGetCandidateListW
ImmIsIME
ImmGetContext
ImmGetCompositionStringW
ImmSetConversionStatus
ImmGetProperty
ImmGetConversionStatus

mss32

_AIL_quick_shutdown@0
_AIL_shutdown@0
_AIL_set_room_type@8
_AIL_room_type@4
_AIL_close_stream@4
_AIL_pause_stream@8
_AIL_mem_free_lock@4
_AIL_set_sample_loop_count@8
_AIL_set_stream_loop_count@8
_AIL_set_sample_3D_cone@16
_AIL_sample_3D_cone@16
_AIL_set_sample_3D_distances@16
_AIL_sample_3D_distances@16
_AIL_sample_volume_levels@12
_AIL_stream_sample_handle@4
_AIL_set_sample_playback_rate@8
_AIL_sample_playback_rate@4
_AIL_sample_stage_property@24
_AIL_set_3D_distance_factor@8
_AIL_last_error@0
_AIL_quick_handles@12
_AIL_stop_sample@4
_AIL_set_sample_ms_position@8
_AIL_set_stream_ms_position@8
_AIL_sample_status@4
_AIL_stream_status@4
_AIL_sample_ms_position@12
_AIL_stream_ms_position@12
_AIL_WAV_info@8
_AIL_close_digital_driver@4
_AIL_set_stream_position@8
_AIL_stream_position@4
_AIL_set_sample_reverb_levels@12
_AIL_sample_reverb_levels@12
_AIL_set_sample_occlusion@8
_AIL_set_sample_obstruction@8
_AIL_sample_obstruction@4
_AIL_sample_3D_orientation@28
_AIL_set_sample_file@12
_AIL_allocate_sample_handle@4
_AIL_open_stream@12
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_file_type@8
_AIL_file_size@4
_AIL_file_read@8
_AIL_set_sample_volume_levels@12
_AIL_set_sample_3D_orientation@28
_AIL_set_sample_3D_velocity_vector@16
_AIL_set_sample_3D_position@16
_AIL_sample_3D_position@16
_AIL_sample_3D_velocity@16
_AIL_start_sample@4
_AIL_start_stream@4
_AIL_listener_3D_orientation@28
_AIL_set_listener_3D_velocity_vector@16
_AIL_set_listener_3D_orientation@28
_AIL_set_listener_3D_position@16
_AIL_listener_3D_position@16
_AIL_listener_3D_velocity@16
_AIL_set_sample_position@8
_AIL_release_sample_handle@4
_AIL_quick_startup@20
_AIL_set_redist_directory@4
_AIL_sample_occlusion@4

kernel32

InterlockedCompareExchange
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
SetConsoleTextAttribute
GetStdHandle
GetConsoleScreenBufferInfo
GetExitCodeThread
ResumeThread
SuspendThread
TerminateThread
SetEvent
WaitForMultipleObjects
SetThreadAffinityMask
CreateEventA
IsBadReadPtr
GetCurrentProcessId
GetCurrentProcess
lstrcpyA
lstrcatA
lstrcpynA
SetUnhandledExceptionFilter
FormatMessageA
LocalFree
CreateToolhelp32Snapshot
Module32First
GetACP
SetCurrentDirectoryA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetProcessHeap
HeapFree
lstrlenA
CreateThread
SetThreadPriority
RaiseException
InterlockedExchange
GetStartupInfoA
GetFileSize
ReadFile
SetLastError
GetLastError
LoadLibraryW
GetCurrentDirectoryA
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
OutputDebugStringW
GetVersionExA
GetLocaleInfoA
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
CompareStringA
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
Sleep
GetLocalTime
CreateDirectoryA
GetFileAttributesA
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
GetSystemInfo
CreateSemaphoreA
CloseHandle
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
CreateDirectoryW
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
FindNextFileA
FindFirstFileA
TlsAlloc
TlsFree
CreateEventW
CreateFileA

user32

PostThreadMessageA
MessageBeep
GetWindowThreadProcessId
MessageBoxW
ShowWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
GetDesktopWindow
AdjustWindowRect
SetCursorPos
ClientToScreen
GetFocus
SetCursor
SetClassLongW
LoadCursorFromFileW
ScreenToClient
GetCursorPos
DestroyWindow
InvalidateRect
MoveWindow
SetWindowTextW
GetWindowTextW
SendMessageW
CallWindowProcW
GetDC
OffsetRect
PtInRect
MessageBoxA
CreateWindowExW
RegisterClassW
LoadCursorW
LoadIconW
DefWindowProcW
SetFocus
GetSystemMetrics
PostQuitMessage
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
PeekMessageW
SetRect
GetKeyboardLayout
UpdateWindow
wsprintfW
GetClientRect

gdi32

SetTextColor
CreateSolidBrush
GetStockObject
GetDeviceCaps
DeleteObject
SetBkColor
CreateFontW

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

ole32

OleRun
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance

oleaut32

VariantClear
VariantChangeType
GetErrorInfo
SysAllocString
SysFreeString
VariantInit

msvcp80

?deallocate@?$allocator@D@std@@QAEXPADI@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?construct@?$allocator@D@std@@QAEXPADABD@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?destroy@?$allocator@D@std@@QAEXPAD@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?construct@?$allocator@_W@std@@QAEXPA_WAB_W@Z
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@V?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0ABV12@@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?allocate@?$allocator@D@std@@QAEPADI@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?destroy@?$allocator@_W@std@@QAEXPA_W@Z

d3dx9_32

D3DXCreateFontW
D3DXMatrixMultiply
D3DXCreateEffectCompiler
D3DXCreateEffect
D3DXCreateTextureFromFileExA
D3DXVec3Transform
D3DXGetShaderVersion
D3DXVec4Transform
D3DXSaveSurfaceToFileA
D3DXGetPixelShaderProfile
D3DXGetVertexShaderProfile
D3DXCreateVolumeTextureFromFileInMemory
D3DXCreateCubeTextureFromFileInMemory
D3DXSaveSurfaceToFileW
D3DXCreateVolumeTextureFromFileExA
D3DXCreateCubeTextureFromFileExA
D3DXCreateTextureFromFileInMemory
D3DXGetImageInfoFromFileInMemory
D3DXCreateBuffer
D3DXMatrixTranspose
D3DXMatrixInverse
D3DXGetShaderConstantTable
D3DXCompileShaderFromFileA
D3DXCompileShader
D3DXAssembleShaderFromFileA
D3DXAssembleShader
D3DXGetShaderInputSemantics

ddraw

DirectDrawCreate

msvcr80

_time32
sscanf
_mktime64
wcscpy
vsprintf
fgets
fputs
strcmp
fprintf
ferror
printf
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_itoa
__iob_func
__p__commode
strlen
strcat
strcpy
__CxxFrameHandler3
mbstowcs
abort
wcstombs
wcsstr
_close
_sopen_s
_strlwr_s
_splitpath_s
_access
_vsnprintf_s
_vsnwprintf_s
fopen
atol
memchr
_ismbblead
??2@YAPAXI@Z
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??_V@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
_purecall
_CIlog
_lseeki64
_read
?what@exception@std@@UBEPBDXZ
towlower
memmove_s
wcsncpy
??0exception@std@@QAE@ABQBD@Z
sprintf_s
strcpy_s
wcscpy_s
free
rand
malloc
realloc
swprintf_s
vsprintf_s
_waccess_s
srand
wcscat_s
_access_s
fopen_s
fread
fclose
_wfopen_s
fwrite
strstr
tolower
sprintf
atoi
_ctime32
wcsncmp
_vswprintf
_wtoi
strcat_s
wcsncpy_s
_wcsicmp
??0exception@std@@QAE@ABQBDH@Z
_CxxThrowException
fseek
ftell
memcpy_s
strrchr
calloc
memset
_localtime64_s
_gmtime64_s
_time64
_aligned_malloc
_aligned_free
_aligned_realloc
_stricmp
_strnicmp
memcpy
toupper
strchr
_getcwd
fflush
strncpy_s
_CIsqrt
memmove
_CIacos
_CIasin
strtok_s
_CIfmod
qsort
_CIsin
_CItan
isdigit
atof
_CIcos
bsearch
ceil
floor
_CIatan
strncmp
_CIpow
_CIexp
longjmp
strncpy
_setjmp3

dsetup

ord11

dinput8

DirectInput8Create

wininet

InternetGetLastResponseInfoA

iphlpapi

GetAdaptersInfo

ws2_32

inet_ntoa
bind
htons
inet_addr
WSASocketA
setsockopt
getsockname
closesocket
send
connect
WSAGetLastError
WSASend
listen
WSARecv
ntohs
sendto
socket
gethostname
gethostbyname
getpeername
WSADuplicateSocketA
WSACleanup
WSAStartup
recv
shutdown

mswsock

AcceptEx
TransmitFile
GetAcceptExSockaddrs

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 576KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8ba9e6948a5af16237e037d475f9b44

Headers

File Characteristics

PDB Paths

Imports

version

imm32

mss32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcp80

d3dx9_32

ddraw

msvcr80

dsetup

dinput8

wininet

iphlpapi

ws2_32

mswsock

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 576KB - Virtual size: 575KB

.data Size: 28KB - Virtual size: 103KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 576KB - Virtual size: 575KB

.data
Size: 28KB - Virtual size: 103KB

.rsrc
Size: 16KB - Virtual size: 13KB