cdd9deb3c55cb2d5b405ffb6bc44cc51_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cdd9deb3c55cb2d5b405ffb6bc44cc51_JaffaCakes118
Size

750KB
MD5

cdd9deb3c55cb2d5b405ffb6bc44cc51
SHA1

185d843e80ed367169424010fbc134db11ec0664
SHA256

f28d31e0d2f566b324b081ef0c427a79fd48fb3fb50bfda0b8471bffa9969908
SHA512

7058fdf3400ea0fb5c765868cca1a3aa630979f78e4656a36a7ce24b7fddcd577ccad2056a2c1ae689a5a2f64e362b9cbe8b87bf477c223a9267d125f74e3fdb
SSDEEP

12288:Se94Hxv/fjwf82A/n3+E/ozaDydb2UxCj2AqeMQmzFTSpkP2Dng:Se94HV3jm82A/3foza+N2uGKFzFTSpk+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdd9deb3c55cb2d5b405ffb6bc44cc51_JaffaCakes118

Files

cdd9deb3c55cb2d5b405ffb6bc44cc51_JaffaCakes118
.exe windows:6 windows x64 arch:x64

dd4c22386f6a2c3e77d93a0b73fb7938

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\yousa\OneDrive\Desktop\New folder\LOADER (1)\x64\Release\Loader.pdb

Imports

kernel32

QueryPerformanceCounter
WriteFile
GetCurrentDirectoryA
OpenProcess
GetLastError
CreateFileA
DeleteFileA
CloseHandle
CreateThread
WriteProcessMemory
VirtualAllocEx
VirtualFreeEx
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
VirtualQueryEx
LoadLibraryA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
ExitProcess
OutputDebugStringA
QueryPerformanceFrequency
ReadProcessMemory
GetCurrentThreadId
Sleep

user32

GetWindowLongW
SetWindowLongW
SetWindowPos
GetSystemMetrics
GetClassNameA
DispatchMessageW
PeekMessageW
CloseClipboard
TranslateMessage
SetForegroundWindow
IsIconic
GetWindowTextW
GetKeyState
ScreenToClient
EnumWindows
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
GetClientRect
GetCapture
ClientToScreen
SetCursor
GetClipboardData
IsChild
GetForegroundWindow
LoadCursorW
SetCapture
SetClipboardData
DefWindowProcW
FindWindowExW
GetWindowRect
CreateWindowExW
RegisterClassExW
ShowWindow
MoveWindow
SetLayeredWindowAttributes
FindWindowW
GetAsyncKeyState
mouse_event
EmptyClipboard

advapi32

DeleteService
CloseServiceHandle
OpenSCManagerA
OpenServiceA
StartServiceA
ControlService
ChangeServiceConfigA
CreateServiceA

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
_Query_perf_frequency
_Thrd_sleep
_Query_perf_counter
_Xtime_get_ticks
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Xlength_error@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

dwmapi

DwmExtendFrameIntoClientArea

d3d11

D3D11CreateDeviceAndSwapChain

d3dcompiler_47

D3DCompile

d3dx11_43

D3DX11CompileFromMemory

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memmove
__std_terminate
__std_exception_destroy
__std_exception_copy
strstr
_CxxThrowException
__C_specific_handler
__current_exception
memcpy
memcmp
memchr
memset
__current_exception_context

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
__p___argv
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
__p___argc
_configure_narrow_argv
_initialize_onexit_table
_exit
exit
_c_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
terminate
_cexit
_crt_atexit
_register_onexit_function
_seh_filter_exe

api-ms-win-crt-stdio-l1-1-0

fflush
ftell
fseek
__p__commode
_set_fmode
fclose
fwrite
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen

api-ms-win-crt-string-l1-1-0

strcmp
_wcsicmp
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

sinf
powf
pow
ceilf
sqrtf
fmodf
sqrt
floorf
acosf
atan2f
__setusermatherr
cosf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd4c22386f6a2c3e77d93a0b73fb7938

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

msvcp140

dwmapi

d3d11

d3dcompiler_47

d3dx11_43

imm32

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 394KB - Virtual size: 394KB

.rdata Size: 337KB - Virtual size: 337KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 512B - Virtual size: 268B

.text
Size: 394KB - Virtual size: 394KB

.rdata
Size: 337KB - Virtual size: 337KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 512B - Virtual size: 268B