d:\LocalSvnForDailyBuild\dabingusa_beta\Bin\Release\plugin\Func.pdb
Static task: static1
Behavioral task: behavioral1
Sample: f28b0dba18386ac6a0ac392378e3fa01_JaffaCakes118.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f28b0dba18386ac6a0ac392378e3fa01_JaffaCakes118.dll
Resource: win10v2004-20240412-en
General
Target: f28b0dba18386ac6a0ac392378e3fa01_JaffaCakes118
Size: 3.7MB
MD5: f28b0dba18386ac6a0ac392378e3fa01
SHA1: 844606ed6463382bfbb3a79fb3526deab6a13e0b
SHA256: dcd936b0bfecd026d6f4f27d5fc7ffe5dc92165e6437e76ea335d95b117e07fc
SHA512: 3d9e1c90460129c3ff01b83e2f72204a3caa485ebe34334963d17ca2a8926ebc39e1ab4e00488191b967d4c9a1d881130a2ad06c791f2e5a54c8f8111ef3fa39
SSDEEP: 49152:JgENs6rF+9KxqS4A61Z6Yz95Zv7PsuH0QKuos2FTY1xUDWsM8B7g:nqjF76gHzvHbo9GUid
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource f28b0dba18386ac6a0ac392378e3fa01_JaffaCakes118
Files
f28b0dba18386ac6a0ac392378e3fa01_JaffaCakes118.dll windows:4 windows x86 arch:x86
Import hash: 330b4ec9b85c547f1554c41b3d87da56
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
imagehlp
CheckSumMappedFile
winmm
PlaySoundA
kernel32
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
IsValidCodePage
GetACP
GetDateFormatA
GetTimeFormatA
HeapSize
CreateThread
ExitThread
GetStdHandle
GetFileType
WriteConsoleW
RaiseException
RtlUnwind
GetProcessHeap
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
HeapReAlloc
HeapFree
CreateFileW
ReleaseSemaphore
ReleaseMutex
CreateSemaphoreA
CreateMutexA
SearchPathA
GetTempPathA
FindResourceExA
InterlockedCompareExchange
MultiByteToWideChar
LoadResource
InterlockedExchange
lstrlenW
FindResourceA
GetStringTypeExA
LockResource
GetVersion
WideCharToMultiByte
CompareStringW
GetLastError
CompareStringA
SizeofResource
lstrlenA
GetLocalTime
GetTickCount
GetCurrentProcess
TerminateProcess
CloseHandle
GetModuleFileNameA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
Sleep
GetCurrentThreadId
CreateDirectoryA
WritePrivateProfileStringA
GetUserDefaultLangID
GetModuleHandleA
FindFirstFileA
GetProcAddress
SetLastError
LoadLibraryA
GetVersionExA
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameA
GetProfileIntA
GetFileTime
GetFileAttributesA
GetUserDefaultLCID
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetThreadLocale
InterlockedIncrement
CopyFileA
GlobalSize
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
InterlockedDecrement
GetModuleFileNameW
CreateEventA
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentProcessId
GlobalFree
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalLock
lstrcmpA
GlobalAlloc
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
LoadLibraryW
user32
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
SetRect
MessageBeep
IsClipboardFormatAvailable
DeleteMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
DrawEdge
SetParent
DestroyMenu
GetMenuItemInfoA
CharNextA
InflateRect
MapVirtualKeyA
GetKeyNameTextA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
InsertMenuA
GetDCEx
ShowOwnedPopups
SetCursor
GetMessageA
PostThreadMessageA
GetActiveWindow
ValidateRect
GetWindowThreadProcessId
RegisterClipboardFormatA
SetWindowContextHelpId
CharUpperA
EnableWindow
SendMessageA
TranslateAcceleratorA
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
CheckMenuItem
IsWindowEnabled
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
SetMenu
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
WindowFromPoint
SendDlgItemMessageA
WinHelpA
DestroyIcon
SetRectEmpty
CreateMenu
TranslateMessage
SetWindowRgn
GetSystemMenu
UnionRect
LockWindowUpdate
RemoveMenu
RedrawWindow
GetSystemMetrics
GetWindowRect
SetWindowPos
ShowWindow
IsWindowVisible
GetClientRect
MessageBoxA
GetSysColor
FrameRect
DrawTextA
InvalidateRect
GetCursorPos
ScreenToClient
GetParent
GetMessagePos
FillRect
LoadMenuA
GetSubMenu
ShowScrollBar
LoadIconA
SetTimer
KillTimer
GetClassNameA
EnumChildWindows
GetDesktopWindow
SetWindowTextA
GetDlgCtrlID
IsWindow
GetWindowTextA
LoadImageA
GetScrollInfo
PostMessageA
SetScrollInfo
GetWindowLongA
SetWindowLongA
CreatePopupMenu
FindWindowA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
PtInRect
SetWindowPlacement
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
EnableMenuItem
AppendMenuA
DestroyCursor
DrawFrameControl
DrawFocusRect
LoadMenuIndirectA
CreateAcceleratorTableA
IsMenu
DrawStateA
CreateIconIndirect
GetWindowRgn
DrawIconEx
WaitMessage
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DrawIcon
IsZoomed
GetCursor
GetIconInfo
EnableScrollBar
CopyIcon
SetCursorPos
CopyImage
SetClassLongA
NotifyWinEvent
DestroyAcceleratorTable
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
SetMenuDefaultItem
GetMenuDefaultItem
CharUpperBuffA
SubtractRect
IsCharLowerA
MapVirtualKeyExA
LoadStringA
DefFrameProcA
gdi32
BitBlt
DeleteObject
CreateFontIndirectA
GetObjectA
SetTextColor
Arc
SetPixel
SelectObject
GetBkColor
GetTextColor
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
CreatePen
ExtCreatePen
CreateSolidBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
DPtoLP
GetTextExtentPoint32A
LPtoDP
GetTextMetricsA
GetRgnBox
OffsetRgn
GetViewportOrgEx
Rectangle
CreateCompatibleDC
CreateDCA
GetDeviceCaps
GetClipBox
SetBkColor
CreateBitmap
CopyMetaFileA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
CreateDIBSection
GetDIBits
RealizePalette
EnumFontFamiliesA
GetTextCharset
ExtCreateRegion
CreatePalette
CreateRoundRectRgn
GetNearestColor
Ellipse
StretchBlt
CreatePolygonRgn
FillRgn
FrameRgn
CreateEllipticRgn
PtInRegion
Polygon
SetPixelV
CreateDIBitmap
GetTextCharsetInfo
Polyline
GetBoundsRect
ExtFloodFill
GetPaletteEntries
SetPaletteEntries
RoundRect
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
GetWindowOrgEx
MoveToEx
SetTextAlign
GetMapMode
CreateCompatibleBitmap
SelectClipRgn
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
OpenServiceA
ControlService
CloseServiceHandle
DeleteService
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumKeyA
OpenSCManagerA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
shell32
SHAppBarMessage
SHGetPathFromIDListA
DragQueryFileA
DragFinish
SHGetFileInfoA
SHFileOperationA
ShellExecuteA
SHBrowseForFolderA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoTaskMemAlloc
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
DoDragDrop
OleTranslateAccelerator
IsAccelerator
oleaut32
VariantClear
VariantChangeType
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VarUdateFromDate
VariantCopy
VarBstrFromDate
VariantInit
Exports
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendWithIP_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserLogin_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserRegist_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineTrasaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigFile_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegNewCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginWithGameAccountTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestLargeDataSend_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestOnlineSession_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUser_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScript_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoad_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
GetPlugin
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 544KB - Virtual size: 542KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 248KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 172KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ