936a55f4dfd5b7c8189230ee67e80e5a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

936a55f4dfd5b7c8189230ee67e80e5a_JaffaCakes118
Size

351KB
MD5

936a55f4dfd5b7c8189230ee67e80e5a
SHA1

f8e1bbc8fa52f45d79a19e1c7cf5f23b4692ba75
SHA256

6d36846361fa8c9f90c61967d228fc3fc7c3cc78572adb5f408222dace6da672
SHA512

40d2244b574e295c710f7e98118204911bee13b06ef4e43484a895dac0f6f3a2053212a12dd76b0091e79d67c3c208418768e0bf1ed4496171926bd1d22dac92
SSDEEP

6144:juz+Ak6YZ/IAeBOJAF3nXtuTlqO0EORDF8o6Jvi+1DDTmsN8Wb:juz+v6YZ/IJAAFXXtuh3hC8o6Jvi+1D4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
936a55f4dfd5b7c8189230ee67e80e5a_JaffaCakes118

Files

936a55f4dfd5b7c8189230ee67e80e5a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

333c277ba5223977f1a456345d3d481b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

y:\jw\workspace\btbG\managed\src\out\Release\ppGoogleNaClPluginChrome.dll.pdb

Imports

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime

kernel32

CloseHandle
CreateFileW
FlushFileBuffers
ReadFile
WriteFile
DuplicateHandle
GetLastError
SetLastError
ConnectNamedPipe
DisconnectNamedPipe
SetNamedPipeHandleState
PeekNamedPipe
CreateNamedPipeW
Sleep
InterlockedExchangeAdd
GetCurrentProcess
GetCurrentProcessId
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
SystemTimeToFileTime
WaitForSingleObject
GetCurrentThreadId
ResumeThread
ExitProcess
GetSystemTime
SetEvent
CreateEventW
FileTimeToLocalFileTime
FileTimeToSystemTime
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetNamedPipeHandleStateW
GetCPInfo
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
SetStdHandle
GetFileType
GetCommandLineA
CreateThread
ExitThread
LoadLibraryExW
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapSize
GetProcessHeap
GetStdHandle
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
HeapReAlloc
GetTimeZoneInformation
SetFilePointerEx
OutputDebugStringW
SetEnvironmentVariableA
WriteConsoleW
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
LockFileEx
SetEndOfFile
UnlockFileEx
VirtualAlloc
VirtualProtect
VirtualFree
GetFileInformationByHandle
ReadConsoleW

advapi32

SystemFunction036

Exports

Exports

PPP_GetInterface
PPP_InitializeModule
PPP_ShutdownModule

Sections

.text
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

333c277ba5223977f1a456345d3d481b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

kernel32

advapi32

Exports

Exports

Sections

.text Size: 247KB - Virtual size: 247KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 7KB - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 247KB - Virtual size: 247KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 7KB - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 14KB - Virtual size: 14KB