C:\Users\Nover\source\repos\Metin2Config\Release\Metin2Config.pdb
Static task
static1
Behavioral task
behavioral1
Sample
083d03c3f380d71abc2ae8082e19d995_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
083d03c3f380d71abc2ae8082e19d995_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target
083d03c3f380d71abc2ae8082e19d995_JaffaCakes118
Size
610KB
MD5
083d03c3f380d71abc2ae8082e19d995
SHA1
4c90354052946f2d73b62bb43f0d72c84e4ee30f
SHA256
b05eb26a54a3b85a91ea3817b4390b080672a11064c04466db90387b75b7fedc
SHA512
5e5391fd5a546a179eabcb94625f6a86787f1c9e252078aa18ce58f888a28f01e7361fbefebe6e1170e893dd694a6f74368cc0a0cd3b1753930202b1dfbff1da
SSDEEP
12288:qntWscyUk9hoQeKl+b1NfSID07rkX+EqV4GjumW77gQVT3yXPOWhcnhI:qt/cvb1N6IDDYV4R4T8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 083d03c3f380d71abc2ae8082e19d995_JaffaCakes118
Files
083d03c3f380d71abc2ae8082e19d995_JaffaCakes118.exe windows:6 windows x86 arch:x86
8de0a9197f91897f98890a5051ecd7d7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
d3d9
Direct3DCreate9
kernel32
LockResource
SizeofResource
FindResourceW
DecodePointer
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentThreadId
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
lstrcmpiW
MultiByteToWideChar
ReadConsoleW
ReadFile
CreateFileW
GetConsoleMode
GetConsoleCP
LoadResource
SetFilePointerEx
GetFileSizeEx
GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindResourceExW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
SetEndOfFile
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FlushFileBuffers
IsDebuggerPresent
WriteConsoleW
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetCurrentThread
GetFileType
FindClose
FindFirstFileExW
user32
SendMessageW
SetWindowPos
EndDialog
GetDlgItem
GetSystemMetrics
GetActiveWindow
CharNextW
DialogBoxParamW
DestroyWindow
UnregisterClassW
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
MapWindowPoints
GetWindowRect
GetClientRect
advapi32
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
ole32
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
oleaut32
VarUI4FromStr
SysFreeString
comctl32
ord17
Sections
.text Size: 353KB - Virtual size: 353KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 177KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ