398fb62cf1ed72f4626da6cc953804c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

398fb62cf1ed72f4626da6cc953804c9_JaffaCakes118
Size

418KB
MD5

398fb62cf1ed72f4626da6cc953804c9
SHA1

da08340d50cbed242f82a56a4c40e03915bf1d7d
SHA256

fd7ba275cd954fb175a5614621a57bdcb4f2d11afb1c55ffd00a3a19ea13eed7
SHA512

654ae4bad77360249482eb67ad809b9021fe15405ec8f5d43b73f2eb47a9845dd9b95a8d95bd722ac5f2e3adc9a4d833dcd110d021d59ee5a490c2ea8820767a
SSDEEP

6144:4Uy95T+qnNkIjqESCOw/q9fZNjGOwIbVST4h+sOMlott3XBOa8DGA0AOgyFPmk:4ZT+qnMoqbNjGOwIbVSM46KA0ukPmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
398fb62cf1ed72f4626da6cc953804c9_JaffaCakes118

Files

398fb62cf1ed72f4626da6cc953804c9_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a71d2fde8f7f8bfcf6913c5f0ad22217

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\cef\3071\download\chromium\src\out\Release_GN_x86\chrome_elf.dll.pdb

Imports

kernel32

VerSetConditionMask
GetModuleHandleW
GetProcAddress
VerifyVersionInfoW
LoadLibraryExA
ReadConsoleW
VirtualProtect
GetCurrentProcessId
GetProcessId
GetCommandLineW
GetTempPathW
GetModuleFileNameW
GetLastError
GetCurrentProcess
VirtualQuery
GetEnvironmentVariableW
GetNativeSystemInfo
SetEnvironmentVariableW
CreateDirectoryW
GetFileAttributesW
OutputDebugStringW
MultiByteToWideChar
WideCharToMultiByte
GetComputerNameExW
FreeLibrary
LoadLibraryW
ReadProcessMemory
WriteProcessMemory
GetModuleHandleExW
CreateFileW
CloseHandle
VirtualProtectEx
HeapCreate
HeapDestroy
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetSystemTimeAsFileTime
IsDebuggerPresent
RaiseException
SetLastError
WaitForSingleObject
CreateThread
GetCurrentThreadId
GetCurrentDirectoryW
DeleteFileW
WriteFile
OutputDebugStringA
GetLocalTime
GetTickCount
FormatMessageA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
TerminateProcess
OpenProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
FlushFileBuffers
GetFileSizeEx
ReadFile
SetEndOfFile
SetFilePointerEx
SetEvent
ResetEvent
CreateEventW
FindClose
CreateRemoteThread
GetStdHandle
GetFileType
SleepEx
CreateProcessW
GetVersion
LockFileEx
UnlockFileEx
InitializeCriticalSection
SetNamedPipeHandleState
TransactNamedPipe
CreateNamedPipeW
WaitNamedPipeW
GetUserDefaultLCID
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetLocaleInfoW
GetCPInfo
WaitForSingleObjectEx
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlUnwind
LoadLibraryExW
InterlockedFlushSList
GetFullPathNameW
GetConsoleCP
GetConsoleMode
ExitProcess
SetStdHandle
SetConsoleCtrlHandler
GetModuleFileNameA
GetACP
IsValidLocale
EnumSystemLocalesW
GetDriveTypeW
WriteConsoleW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW

Exports

Exports

AddDllToBlacklist
ClearCrashKeyValueImpl
CrashForException
DumpProcessWithoutCrash
GetBlacklistIndex
GetCrashKeyCountImpl
GetCrashKeyImpl
GetCrashReportsImpl
GetHandleVerifier
GetInstallDetailsPayload
GetUserDataDirectoryThunk
InjectDumpForHangDebugging
InjectDumpForHungInput
InjectDumpForHungInputNoCrashKeys
InjectDumpProcessWithoutCrash
IsBlacklistInitialized
RequestSingleCrashUploadImpl
SetCrashKeyValueImpl
SetMetricsClientId
SetUploadConsentImpl
SignalChromeElf
SignalInitializeCrashReporting
SuccessfullyBlocked

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crthunk
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CPADinfo
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a71d2fde8f7f8bfcf6913c5f0ad22217

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 4KB - Virtual size: 17KB

.crthunk Size: 512B - Virtual size: 64B

CPADinfo Size: 512B - Virtual size: 36B

.gfids Size: 1024B - Virtual size: 828B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 4KB - Virtual size: 17KB

.crthunk
Size: 512B - Virtual size: 64B

CPADinfo
Size: 512B - Virtual size: 36B

.gfids
Size: 1024B - Virtual size: 828B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB