9d5045f9b93f25b9040c489e331df5b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9d5045f9b93f25b9040c489e331df5b5_JaffaCakes118
Size

604KB
MD5

9d5045f9b93f25b9040c489e331df5b5
SHA1

5d32366989af30199b09ea6df2c964d39bedddd7
SHA256

c0e340469fee5b822976761678d86712f6ecbd718425497038cb509c6cd2143f
SHA512

2960993b31603a4bc3895892b5337de6f9a05d2d6fb82b9d32ce8016b1a4671440139530d9d52ae21c60247353d5e5e618b5ca557dde6515ad5b023565e3ed82
SSDEEP

12288:G9zA3ry8mRRgJclkbCZuhEvyVojmYxSDgRi9Rql1BxbUkwnkjiepakMBW6feRAK5:GxIOyclkIxSDgRi9Rql1BxbUkwnkjiep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d5045f9b93f25b9040c489e331df5b5_JaffaCakes118

Files

9d5045f9b93f25b9040c489e331df5b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b5bf1d1fad00dcaa252292add33b80ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\ProjectGSDII\PC\data\area\area_a\va01\Release\va01.pdb

Imports

psxlib

SetPolyFT3
ratan2
GsSortPoly
PSX_Alloc
PSX_Free
GsSetLsMatrix
rcos
rsin
GsSortFastBg
getScratchAddr
PSX_Printf
OuterProduct0
SquareRoot0
VectorNormalS
GetTPage
GetClut
SetSpadStack
ResetSpadStack
gte_stsxy3
gte_ldrgb
gte_ldv3
gte_rtpt
gte_stflg
gte_nclip
gte_stopz
gte_ldv0
gte_rtps
gte_stsxy3_gt3
gte_avsz3
gte_stotz
gte_ncct
addPrim
gte_strgb3_gt3
gte_stsxy3_gt4
gte_stsxy
gte_avsz4
gte_strgb3_gt4
gte_nccs
gte_strgb

gsdmain

gm_set_data
FilterWhiteOut
FilterWhiteIn
SetFieldGamen
ActionKanouDispCheck
ChangeFlgCheck
SetActionIndex
GrnSetAmbient
SkySetAmbient
VramPX
VramPY
GetGsOutPacket
SetGsOutPacket
GetFixedAdrs
get_rand

kernel32

GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
HeapSize
RtlUnwind
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
EnterCriticalSection
LeaveCriticalSection
WriteFile
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
VirtualQuery
LoadLibraryA
TerminateProcess
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentProcess
TlsFree
SetLastError
TlsGetValue
GetLastError
TlsAlloc
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree

Exports

Exports

GetData
va01_GetData

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 556KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5bf1d1fad00dcaa252292add33b80ec

Headers

File Characteristics

PDB Paths

Imports

psxlib

gsdmain

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 556KB - Virtual size: 556KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 556KB - Virtual size: 556KB

.reloc
Size: 8KB - Virtual size: 7KB