87e82e4065d130db440f0d4dd555b577_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87e82e4065d130db440f0d4dd555b577_JaffaCakes118
Size

580KB
MD5

87e82e4065d130db440f0d4dd555b577
SHA1

56bd6c602f17238aa1511354eda1b0827c3817cb
SHA256

acaf358de526ef8a479a355e3530996e5689cc68a68cd02175bce74eadb06300
SHA512

b1e4816e079b20dfcf2db4b487e48e4e6fff1deab6e5f5c93b3f03273da973712e621c89fbca047fcdab5d3de02aed2b045f55a93bd56f58ec483ba9f964ad72
SSDEEP

12288:5+vqsBK9nDmuhEvyVojmYxSDgRi9Rql1BxbUkwnkjiepakMBW6feRAKTt7eSZLWv:m4hwxSDgRi9Rql1BxbUkwnkjiepakMBf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87e82e4065d130db440f0d4dd555b577_JaffaCakes118

Files

87e82e4065d130db440f0d4dd555b577_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fb4c92d612dda153e2bbeb5fce581509

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\ProjectGSDII\PC\data\area\area_k\wk\Release\wk.pdb

Imports

psxlib

SetPolyG4
SetPolyF4
AddPrim
SetPolyFT4
SetSemiTrans
SetShadeTex
SetDrawMode
GsSortBoxFill
LoadImage
SetPolyFT3
ratan2
GsSortPoly
PSX_Alloc
PSX_Free
GsSetLsMatrix
rcos
rsin
GsSortFastBg
SetSpadStack
ResetSpadStack
gte_stsxy3
gte_ldrgb
gte_ldv3
gte_rtpt
gte_stflg
gte_nclip
gte_stopz
gte_ldv0
gte_rtps
gte_stsxy3_gt3
gte_avsz3
gte_stotz
gte_ncct
addPrim
gte_strgb3_gt3
gte_stsxy3_gt4
gte_stsxy
gte_avsz4
gte_strgb3_gt4
gte_nccs
gte_strgb
getScratchAddr
PSX_Printf
OuterProduct0
SquareRoot0
VectorNormalS
GetTPage
GetClut

gsdmain

SetFieldGamen
GsSortDRMODE
ColSerch
ColRsvLoad
VramSerchReserved
S_Decode
Wtfree
FilterWhiteOut
FilterWhiteIn
DeadCheck
NextReActionData
SetBRead
CreateCharaType
get_rand
SetPosCharaType
CharaTypeSetAction
CharaTypeAction
CharaTypeDisp
DeleteCharaType
gm_set_data
CharaFlgCheck
CharaFlgSetOff
SetAction
AnimeChange
ReactionDataSetChara
CreateAfterWork
SetRGBAfterWork
CalcAtari3D
SvectorToXYZ
DispAfterWork
DeleteAfterWork
ActionKanouDispCheck
ChangeFlgCheck
SetActionIndex
GrnSetAmbient
SkySetAmbient
GetGsOutPacket
SetGsOutPacket
VramPX
VramPY
GetFixedAdrs

kernel32

HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
HeapCreate
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
LoadLibraryA
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
RtlUnwind
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
VirtualQuery
FreeEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsFree
SetLastError
TlsGetValue
GetLastError
TlsAlloc
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection

Exports

Exports

GetData
wk_GetData

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb4c92d612dda153e2bbeb5fce581509

Headers

File Characteristics

PDB Paths

Imports

psxlib

gsdmain

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 524KB - Virtual size: 523KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 524KB - Virtual size: 523KB

.reloc
Size: 8KB - Virtual size: 6KB