06e087b68717e986a10e15b5ce44aa3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06e087b68717e986a10e15b5ce44aa3d_JaffaCakes118
Size

10KB
MD5

06e087b68717e986a10e15b5ce44aa3d
SHA1

93e9f9697beddf05bbd4c025a2b98634775bea08
SHA256

696e4df71b02496f7d6f135bb6b133415ea52fb0fd5e5a380b4add50d946ef0d
SHA512

066c6df50e8633d8fb6c05164faea9c6f6b55b792e1aab5ce47e028b08e02cd3386a6e56c318b33068082e9eed3b6117fda1f1815353bbb91067c6c25ea6b498
SSDEEP

192:qDLw8dHabRDEgtHyl0NSypWak6HVdW3yWak8QjdW3w92b:kldHad/N20IypWak8dWiWak8EdW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06e087b68717e986a10e15b5ce44aa3d_JaffaCakes118

Files

06e087b68717e986a10e15b5ce44aa3d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ca9067d44c94cd8b6f01ab628299122b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3d8thk.pdb

Imports

gdi32

DdEntry1
DdEntry2
DdEntry3
DdEntry5
DdEntry4
DdEntry7
DdEntry8
DdEntry9
DdEntry10
DdEntry11
DdEntry13
DdEntry12
DdEntry14
DdEntry17
DdEntry15
DdEntry18
DdEntry16
DdEntry50
DdEntry19
DdEntry20
DdEntry21
DdEntry24
DdEntry22
DdEntry23
DdEntry25
DdEntry26
DdEntry27
DdEntry28
DdEntry29
DdEntry30
DdEntry31
DdEntry6
DdEntry32
DdEntry33
DdEntry34
DdEntry35
DdEntry37
DdEntry36
DdEntry38
DdEntry39
DdEntry40
DdEntry41
DdEntry42
DdEntry43
DdEntry44
DdEntry45
DdEntry46
DdEntry47
DdEntry48
DdEntry49
DdEntry51
DdEntry52
DdEntry53
DdEntry54
DdEntry55
DdEntry56

msvcrt

_adjust_fdiv
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

OsThunkD3dContextCreate
OsThunkD3dContextDestroy
OsThunkD3dContextDestroyAll
OsThunkD3dDrawPrimitives2
OsThunkD3dValidateTextureStageState
OsThunkDdAddAttachedSurface
OsThunkDdAlphaBlt
OsThunkDdAttachSurface
OsThunkDdBeginMoCompFrame
OsThunkDdBlt
OsThunkDdCanCreateD3DBuffer
OsThunkDdCanCreateSurface
OsThunkDdColorControl
OsThunkDdCreateD3DBuffer
OsThunkDdCreateDirectDrawObject
OsThunkDdCreateMoComp
OsThunkDdCreateSurface
OsThunkDdCreateSurfaceEx
OsThunkDdCreateSurfaceObject
OsThunkDdDeleteDirectDrawObject
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroyD3DBuffer
OsThunkDdDestroyMoComp
OsThunkDdDestroySurface
OsThunkDdEndMoCompFrame
OsThunkDdFlip
OsThunkDdFlipToGDISurface
OsThunkDdGetAvailDriverMemory
OsThunkDdGetBltStatus
OsThunkDdGetDC
OsThunkDdGetDriverInfo
OsThunkDdGetDriverState
OsThunkDdGetDxHandle
OsThunkDdGetFlipStatus
OsThunkDdGetInternalMoCompInfo
OsThunkDdGetMoCompBuffInfo
OsThunkDdGetMoCompFormats
OsThunkDdGetMoCompGuids
OsThunkDdGetScanLine
OsThunkDdLock
OsThunkDdLockD3D
OsThunkDdQueryDirectDrawObject
OsThunkDdQueryMoCompStatus
OsThunkDdReenableDirectDrawObject
OsThunkDdReleaseDC
OsThunkDdRenderMoComp
OsThunkDdResetVisrgn
OsThunkDdSetColorKey
OsThunkDdSetExclusiveMode
OsThunkDdSetGammaRamp
OsThunkDdSetOverlayPosition
OsThunkDdUnattachSurface
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdUpdateOverlay
OsThunkDdWaitForVerticalBlank

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text8
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ca9067d44c94cd8b6f01ab628299122b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text8 Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.text8
Size: 2KB - Virtual size: 4KB