JaffaCakes118_6225869797a75bc27c83a75fd47c4923

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6225869797a75bc27c83a75fd47c4923
Size

10.9MB
MD5

6225869797a75bc27c83a75fd47c4923
SHA1

387fa41e3b7ac43cd403cbff1695ae95d305a694
SHA256

e2d4261f838190fca21f21d3c5299c632912e0673371c6cd8c893a9e59cc315a
SHA512

5b049c881f97c4188389f0e6190160dab219cc2a4dd0c4372ab4503f7c4f667224ba49f0d7faab350a222e5948ed8c49e83cde35a40be082377861a79d9353ca
SSDEEP

196608:SkWnE2xV9W5QIUSE+qRs/Far1ePlkzSEp1Ji16nZWKf7E7AgwTlqgYhLkN8ZKNGg:SkWnpxV9W5QIUSEdRsdar1ePlkTDi1Uv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6225869797a75bc27c83a75fd47c4923

Files

JaffaCakes118_6225869797a75bc27c83a75fd47c4923
.exe windows:5 windows x86 arch:x86

b654900905be998e61425e6b5dc30db5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BuildAgent\work\d3d49558e4d408f4\build\WindowsStandalonePlayer\UnityPlayer_Symbols.pdb

Imports

kernel32

GetFileAttributesA
GetModuleFileNameA
GetCurrentDirectoryA
ResumeThread
GetThreadContext
SuspendThread
GetCurrentThread
IsBadReadPtr
GetWindowsDirectoryA
GetFullPathNameW
CreateSemaphoreA
Sleep
WaitForSingleObjectEx
ReleaseSemaphore
MoveFileExW
SleepEx
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
SetThreadPriority
CreateEventA
CopyFileW
SetEvent
ResetEvent
FileTimeToDosDateTime
FileTimeToLocalFileTime
lstrlenA
GetFileTime
VirtualQuery
GlobalMemoryStatus
GetSystemTimeAsFileTime
CreateProcessW
IsDebuggerPresent
SetErrorMode
WritePrivateProfileStringW
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
EncodePointer
DecodePointer
ExitProcess
SetConsoleCtrlHandler
ExitThread
DuplicateHandle
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedDecrement
HeapSize
GetLocaleInfoW
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFileAttributesW
ExpandEnvironmentStringsA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
OutputDebugStringA
SetStdHandle
LCMapStringW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetTickCount
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetProcessHeap
InterlockedCompareExchange
HeapValidate
SetThreadAffinityMask
TerminateThread
WaitForMultipleObjects
CreateEventW
GetOverlappedResult
CancelIo
LoadLibraryW
GetProcAddress
GetCommandLineW
FreeLibrary
CreateDirectoryW
GetFileSize
ReadFile
CreateFileW
GetCurrentDirectoryW
GetDriveTypeW
GetTimeZoneInformation
SetConsoleMode
ReadConsoleInputA
FindFirstFileExA
GetDriveTypeA
PeekNamedPipe
GetFileInformationByHandle
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
CreateSemaphoreW
CreateMutexW
SignalObjectAndWait
ReleaseMutex
GetProcessAffinityMask
FlushConsoleInputBuffer
GetVersion
GetSystemDirectoryA
OpenEventA
VirtualAlloc
VirtualFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
lstrcmpiA
GetFullPathNameA
CreateThread
WaitForSingleObject
SetUnhandledExceptionFilter
GetCurrentProcessId
GetModuleHandleW
GetTempPathW
LoadLibraryA
GetComputerNameW
GetVersionExA
GetUserDefaultLangID
FreeEnvironmentStringsW
SetLastError
lstrcpynW
lstrcpyA
lstrcpynA
GlobalMemoryStatusEx
GetSystemInfo
GetModuleHandleA
GetCurrentProcess
GetCurrentThreadId
RaiseException
GetFileType
CreateMutexA
GetModuleFileNameW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
DeleteFileW
FindClose
WriteFile
InterlockedExchange
GetFileAttributesW
SetEndOfFile
SetFilePointer
CloseHandle
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
GetLastError
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
InitializeCriticalSectionAndSpinCount
InterlockedExchangeAdd
HeapWalk

user32

IsDlgButtonChecked
DialogBoxParamA
LoadImageA
ValidateRect
DispatchMessageA
GetMessageA
PeekMessageA
GetCaretBlinkTime
EnumDisplayDevicesA
MonitorFromWindow
wvsprintfA
CheckDlgButton
CreateDialogParamW
EnableWindow
DestroyCursor
IsDialogMessageW
TranslateMessage
DefWindowProcW
DestroyWindow
CreateWindowExW
SetClipboardData
CloseClipboard
PeekMessageW
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
SetCapture
GetProcessWindowStation
GetUserObjectInformationW
ReleaseCapture
RegisterDeviceNotificationW
UnregisterDeviceNotification
SystemParametersInfoW
ClientToScreen
GetAsyncKeyState
ScreenToClient
IsWindowVisible
GetCursorPos
GetKeyState
wsprintfA
RegisterRawInputDevices
GetRawInputData
GetRawInputDeviceInfoW
GetRawInputDeviceList
SendMessageTimeoutA
EnumWindows
SendMessageA
LoadCursorA
SetCursor
GetSystemMetrics
GetDC
ReleaseDC
CreateIconIndirect
EmptyClipboard
DispatchMessageW
MsgWaitForMultipleObjects
SetWindowTextW
RegisterClassW
PostQuitMessage
SetWindowLongW
GetWindowLongW
SetCursorPos
ClipCursor
ShowCursor
GetFocus
SetFocus
WindowFromPoint
MessageBoxW
RegisterClassExW
SetForegroundWindow
ShowWindow
DialogBoxParamW
EndDialog
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
IsIconic
RegisterWindowMessageA
GetUserObjectInformationA
GetThreadDesktop
GetParent
GetWindowRect
GetWindowLongA
SetWindowPos
GetClientRect
CreateDialogParamA
UnregisterClassW
GetDesktopWindow
EnumDisplaySettingsA
AdjustWindowRectEx
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongA

version

VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA

ole32

CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateGuid
CoInitialize
CoUninitialize

shlwapi

SHDeleteKeyA
PathFileExistsW
PathIsDirectoryW

advapi32

CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
GetUserNameA
RegDeleteValueA
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
DeregisterEventSource
ReportEventA
RegisterEventSourceA
CryptDestroyHash

gdi32

GetDeviceCaps
SetPixelFormat
SwapBuffers
CreateDIBSection
GetObjectA
ChoosePixelFormat
DeleteObject
CreateBitmap

shell32

ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW

opengl32

glFinish
glFogi
glIsTexture
glTexSubImage2D
glPixelStorei
glCopyTexSubImage2D
glDrawBuffer
glReadBuffer
glDrawArrays
wglDeleteContext
glTexParameteri
glBegin
glVertex3f
glNormal3f
glColor4f
glEnd
glHint
glLightModelf
glLoadIdentity
glMaterialfv
glMaterialf
glGenTextures
glBindTexture
glTexImage2D
glReadPixels
wglCreateContext
wglMakeCurrent
glGetIntegerv
wglGetCurrentContext
wglGetCurrentDC
wglShareLists
wglGetProcAddress
glGetError
glGetString
glDrawElements
glTexCoordPointer
glNormalPointer
glVertexPointer
glColorPointer
glEnableClientState
glDisableClientState
glTexEnvf
glTexEnvi
glAlphaFunc
glEnable
glBlendFunc
glDisable
glColorMask
glPolygonOffset
glCullFace
glDepthMask
glDepthFunc
glStencilMask
glStencilOp
glStencilFunc
glIsEnabled
glClear
glClearStencil
glClearDepth
glClearColor
glFrontFace
glPolygonMode
glLoadMatrixf
glMatrixMode
glMultMatrixf
glGetFloatv
glColorMaterial
glLightModeli
glColor4fv
glViewport
glScissor
glTexEnvfv
glTexGenfv
glTexGeni
glLightfv
glLightf
glLightModelfv
glFogfv
glFogf
glDeleteTextures

winmm

waveInStart
waveInOpen
waveInClose
waveOutPrepareHeader
waveInGetDevCapsW
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveOutGetPosition
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutGetDevCapsW
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetNumDevs
timeGetTime
timeEndPeriod
timeBeginPeriod
waveInReset

ws2_32

closesocket
getsockopt
getsockname
inet_ntoa
WSACleanup
WSAStartup
connect
htons
WSAAsyncGetHostByName
socket
getpeername
gethostname
ioctlsocket
setsockopt
select
WSASetLastError
__WSAFDIsSet
sendto
recvfrom
bind
ntohs
accept
listen
shutdown
WSACancelAsyncRequest
gethostbyaddr
gethostbyname
recv
htonl
send
freeaddrinfo
inet_addr
getaddrinfo
WSAGetLastError

oleaut32

SysAllocString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysFreeString

imm32

ImmGetContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetConversionStatus
ImmSetOpenStatus
ImmReleaseContext
ImmSetCompositionStringW

dnsapi

DnsFree
DnsQuery_A

iphlpapi

GetIpAddrTable

winhttp

WinHttpGetIEProxyConfigForCurrentUser

hid

HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetProductString
HidP_GetCaps
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_MaxDataListLength
HidP_GetData
HidD_GetHidGuid

msacm32

acmStreamUnprepareHeader
acmFormatSuggest
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert

Exports

Exports

??$Transfer@V?$StreamedBinaryRead@$00@@@AnimationEvent@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@Behaviour@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@Component@Unity@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@GameObject@Unity@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@GlobalGameManager@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@LevelGameManager@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@NamedObject@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@Object@@IAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@Renderer@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@AnimationEvent@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@Behaviour@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@Component@Unity@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@GameObject@Unity@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@GlobalGameManager@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@LevelGameManager@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@NamedObject@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@Object@@IAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@Renderer@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@AnimationEvent@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@Behaviour@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@Component@Unity@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@GameObject@Unity@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@GlobalGameManager@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@LevelGameManager@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@NamedObject@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@Object@@IAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@Renderer@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@VProxyTransfer@@@AnimationEvent@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@Behaviour@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@Component@Unity@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@GameObject@Unity@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@GlobalGameManager@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@LevelGameManager@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@NamedObject@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@Object@@IAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@Renderer@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@AnimationEvent@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@Behaviour@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@Component@Unity@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@GameObject@Unity@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@GlobalGameManager@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@LevelGameManager@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@NamedObject@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@Object@@IAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@Renderer@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VSafeBinaryRead@@@AnimationEvent@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@Behaviour@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@Component@Unity@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@GameObject@Unity@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@GlobalGameManager@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@LevelGameManager@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@NamedObject@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@Object@@IAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@Renderer@@QAEXAAVSafeBinaryRead@@@Z
AgPmDestroySourceConnection
AgPmEventEnabled
AgPmEventLoggingEnabled
AgPmSubmitEvent
NxCreateCoreSDK

Sections

.text
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 553KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b654900905be998e61425e6b5dc30db5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

version

ole32

shlwapi

advapi32

gdi32

shell32

opengl32

winmm

ws2_32

oleaut32

imm32

dnsapi

iphlpapi

winhttp

hid

msacm32

Exports

Exports

Sections

.text Size: 8.1MB - Virtual size: 8.1MB

.rdata Size: 1.6MB - Virtual size: 1.6MB

.data Size: 184KB - Virtual size: 813KB

.trace Size: 5KB - Virtual size: 5KB

.rsrc Size: 553KB - Virtual size: 552KB

.reloc Size: 359KB - Virtual size: 359KB

.text Size: 176KB - Virtual size: 176KB

.text
Size: 8.1MB - Virtual size: 8.1MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 184KB - Virtual size: 813KB

.trace
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 553KB - Virtual size: 552KB

.reloc
Size: 359KB - Virtual size: 359KB

.text
Size: 176KB - Virtual size: 176KB