25f2dff63a5d19bdfed17dab174ef36c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25f2dff63a5d19bdfed17dab174ef36c_JaffaCakes118
Size

294KB
MD5

25f2dff63a5d19bdfed17dab174ef36c
SHA1

68a0e638106370577ec771ed7aca24c1fec6e4a7
SHA256

7448299350c701d826f8e8b7d29c21c6c8b3b589362d64a56fe5cc824d9393cf
SHA512

bb435a6e1d7d16c686218ff0715366c417f291b05f2dff0d39a6f1708b81ed7280f5014c75419036742f619971256a78831852e9288e2e6a7692381c5c4f8aee
SSDEEP

6144:QgzNcm2nJ2PX46SMK9jJnztDT3gifFfpyj0uqPyKgIOqmko:vZcvhMK9dnztDT3g4Zprirtd

Score

1^/10

Malware Config

Signatures

Files

25f2dff63a5d19bdfed17dab174ef36c_JaffaCakes118
.dll windows:6 windows x64 arch:x64

Code Sign

2b:6c:4c:e9:a4:04:70:47:b2:b1:ad:41:05:1b:98:6b
Certificate

Issuer

CN=WUS!

Not Before

01/07/2014, 08:00

Not After

01/01/2088, 08:00

Subject

CN=WUS!

18:15:02:74:a5:fc:34:18:62:ec:5d:f1:0f:4a:74:1c:85:9b:8c:f8
Signer

Actual PE Digest

18:15:02:74:a5:fc:34:18:62:ec:5d:f1:0f:4a:74:1c:85:9b:8c:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseThreadLocalMemory
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
VR_GetGenericInterfaceInternal
VR_GetStringForHmdErrorInternal
VR_InitInternal
VR_IsHmdPresentInternal
VR_ShutdownInternal
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write

Sections

WUS0
Size: - Virtual size: 592KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WUS1
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

2b:6c:4c:e9:a4:04:70:47:b2:b1:ad:41:05:1b:98:6bCertificate

18:15:02:74:a5:fc:34:18:62:ec:5d:f1:0f:4a:74:1c:85:9b:8c:f8Signer

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

WUS0 Size: - Virtual size: 592KB

WUS1 Size: 288KB - Virtual size: 288KB

.rsrc Size: 4KB - Virtual size: 8KB

2b:6c:4c:e9:a4:04:70:47:b2:b1:ad:41:05:1b:98:6b
Certificate

18:15:02:74:a5:fc:34:18:62:ec:5d:f1:0f:4a:74:1c:85:9b:8c:f8
Signer

WUS0
Size: - Virtual size: 592KB

WUS1
Size: 288KB - Virtual size: 288KB

.rsrc
Size: 4KB - Virtual size: 8KB