b05017e72afb815658b5949836dd8cd4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b05017e72afb815658b5949836dd8cd4_JaffaCakes118
Size

11.0MB
MD5

b05017e72afb815658b5949836dd8cd4
SHA1

edb97cf2e24e4df9d1f5ee9c372ea8d29053ca4c
SHA256

13dac8e9e1d5fecabd976cae24116c6f56bd2d3baf0e01ececfe1abd451710df
SHA512

a0305df12b8f0f17605bc761f4c2d1985eb2a82c51b8ffe3ca3c5d9e47487d00abf5bd87ebc4511d6fcb561caf75f42169d56f8174019c67b7cc5264f07b22f9
SSDEEP

24576:irZLfsVyQxotekQ9Gm0VzdnDm4BHBIm2dy:irZLfrQOeXIm0VzdiAHBIm2dy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b05017e72afb815658b5949836dd8cd4_JaffaCakes118

Files

b05017e72afb815658b5949836dd8cd4_JaffaCakes118
.dll windows:6 windows x86 arch:x86

7984ce3e2db0b2a66a632faeaea66603

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\qb\workspace\5216\p4gen\gfx_Development\dump32\igfx\lh\release\OpenCL\Runtime\igdrcl32.pdb

Imports

dxgi

CreateDXGIFactory1

user32

EnumDisplayDevicesA

gdi32

CreateDCA
DeleteDC

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

opengl32

wglShareLists
wglCreateContext
wglMakeCurrent
wglGetProcAddress
wglGetCurrentDC
wglGetCurrentContext
wglDeleteContext

kernel32

SetEnvironmentVariableA
SetEndOfFile
GetSystemTimeAsFileTime
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
WriteConsoleW
LoadLibraryW
OutputDebugStringW
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CloseHandle
WaitForSingleObject
Sleep
SetEvent
CreateEventA
WaitForMultipleObjects
GetStdHandle
GetEnvironmentVariableA
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
GetSystemInfo
InitializeCriticalSection
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
CreateDirectoryA
OutputDebugStringA
GetLastError
GetCurrentProcessId
GetVersionExA
VirtualAlloc
VirtualFree
GetSystemWow64DirectoryA
CreateFileW
DeleteFileW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
MultiByteToWideChar
GetModuleHandleA
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
EncodePointer
DecodePointer
GetStringTypeW
RaiseException
RtlUnwind
HeapFree
CreateThread
ExitThread
LoadLibraryExW
IsDebuggerPresent
IsProcessorFeaturePresent
SetStdHandle
GetFileType
HeapAlloc
ReadFile
GetLocalTime
GetCommandLineA
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetProcessHeap
IsValidCodePage
GetACP
GetOEMCP
SetFilePointer
SetFilePointerEx
ReadConsoleW
GetEnvironmentStringsW

Exports

Exports

clBuildProgram
clCompileProgram
clCreateBuffer
clCreateCommandQueue
clCreateCommandQueueWithProperties
clCreateContext
clCreateContextFromType
clCreateEventFromGLsyncKHR
clCreateFromGLBuffer
clCreateFromGLRenderbuffer
clCreateFromGLTexture
clCreateFromGLTexture2D
clCreateFromGLTexture3D
clCreateImage
clCreateImage2D
clCreateImage3D
clCreateKernel
clCreateKernelsInProgram
clCreatePipe
clCreateProgramWithBinary
clCreateProgramWithBuiltInKernels
clCreateProgramWithSource
clCreateSampler
clCreateSamplerWithProperties
clCreateSubBuffer
clCreateSubDevices
clCreateUserEvent
clEnqueueAcquireGLObjects
clEnqueueBarrier
clEnqueueBarrierWithWaitList
clEnqueueCopyBuffer
clEnqueueCopyBufferRect
clEnqueueCopyBufferToImage
clEnqueueCopyImage
clEnqueueCopyImageToBuffer
clEnqueueFillBuffer
clEnqueueFillImage
clEnqueueMapBuffer
clEnqueueMapImage
clEnqueueMarker
clEnqueueMarkerWithWaitList
clEnqueueMigrateMemObjects
clEnqueueNDRangeKernel
clEnqueueNativeKernel
clEnqueueReadBuffer
clEnqueueReadBufferRect
clEnqueueReadImage
clEnqueueReleaseGLObjects
clEnqueueSVMFree
clEnqueueSVMMap
clEnqueueSVMMemFill
clEnqueueSVMMemcpy
clEnqueueSVMUnmap
clEnqueueTask
clEnqueueUnmapMemObject
clEnqueueWaitForEvents
clEnqueueWriteBuffer
clEnqueueWriteBufferRect
clEnqueueWriteImage
clFinish
clFlush
clGetCommandQueueInfo
clGetContextInfo
clGetDeviceIDs
clGetDeviceInfo
clGetEventInfo
clGetEventProfilingInfo
clGetExtensionFunctionAddress
clGetExtensionFunctionAddressForPlatform
clGetGLObjectInfo
clGetGLTextureInfo
clGetImageInfo
clGetKernelArgInfo
clGetKernelInfo
clGetKernelWorkGroupInfo
clGetMemObjectInfo
clGetPipeInfo
clGetPlatformIDs
clGetPlatformInfo
clGetProgramBuildInfo
clGetProgramInfo
clGetSamplerInfo
clGetSupportedImageFormats
clLinkProgram
clReleaseCommandQueue
clReleaseContext
clReleaseDevice
clReleaseEvent
clReleaseKernel
clReleaseMemObject
clReleaseProgram
clReleaseSampler
clRetainCommandQueue
clRetainContext
clRetainDevice
clRetainEvent
clRetainKernel
clRetainMemObject
clRetainProgram
clRetainSampler
clSVMAlloc
clSVMFree
clSetCommandQueueProperty
clSetEventCallback
clSetKernelArg
clSetKernelArgSVMPointer
clSetKernelExecInfo
clSetMemObjectDestructorCallback
clSetUserEventStatus
clUnloadCompiler
clUnloadPlatformCompiler
clWaitForEvents

Sections

.text
Size: 783KB - Virtual size: 783KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10.0MB - Virtual size: 10.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7984ce3e2db0b2a66a632faeaea66603

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dxgi

user32

gdi32

advapi32

opengl32

kernel32

Exports

Exports

Sections

.text Size: 783KB - Virtual size: 783KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 10.0MB - Virtual size: 10.0MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 84KB - Virtual size: 84KB

.text
Size: 783KB - Virtual size: 783KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 10.0MB - Virtual size: 10.0MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 84KB - Virtual size: 84KB