2447eab40f9aabf21bf5d43801bff453_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2447eab40f9aabf21bf5d43801bff453_JaffaCakes118
Size

52KB
MD5

2447eab40f9aabf21bf5d43801bff453
SHA1

111e3b7892b1001c1b4013f020b7abca29485245
SHA256

3d99da70cdad0969229d906bf222dcabd63c4012d0e8c18f004ad6906cb8bba1
SHA512

5a390227654d460a1a4b38cb13f48cff7ff0ceb4e0321de33ead2a26acdd3cebdeef3527db68b505f2198c55042d2477c15639a1e907a29008d64b552a4c95cb
SSDEEP

768:HKQuMELRnVDxaQDT0oixfOT/aZB2fPmHd0HOWEmogn8:HKZzbgNXZBSOHd0HOWEmdn8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2447eab40f9aabf21bf5d43801bff453_JaffaCakes118

Files

2447eab40f9aabf21bf5d43801bff453_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4e7d6238e9fc375362058a9db798d60b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\work\V2Demo\Release\Plugin_TerrainRoad.pdb

Imports

oocore

?parse@cString@oo@@YAAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@AAV34@@Z
?cross@Vector3@oo@@QBE?AV12@ABV12@@Z
??0Vector3@oo@@QAE@ABV01@@Z
?parse@cString@oo@@YAAAKABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAK@Z
?IDENTITY@Matrix4@oo@@2V12@B
?toString@cString@oo@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABK@Z
?REAL_MIN@Math@oo@@3MA
?toString@cString@oo@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABH@Z
?parse@cString@oo@@YAAAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?toString@cString@oo@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABM@Z
?op_new_vc@@YAPAXIPBDH@Z
?format@uString@oo@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ
?op_delete_vc@@YAXPAX@Z
??HVector3@oo@@QBE?AV01@ABV01@@Z
?parse@cString@oo@@YAAAMABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAM@Z
?REAL_MAX@Math@oo@@3MA
?normalize@Vector3@oo@@QAEXXZ

ooobject

??_VOObject@oo@@SAXPAX@Z
?SetAttribute@TiXmlElement@@QAEXPBD0@Z
??0GuardInst@StackGuard@oo@@QAE@AAV?$vector@UGuardInstInfo@StackGuard@oo@@V?$allocator@UGuardInstInfo@StackGuard@oo@@@std@@@std@@PBDK@Z
??1GuardInst@StackGuard@oo@@QAE@XZ
?mainThreadCallStack@oo@@3V?$vector@UGuardInstInfo@StackGuard@oo@@V?$allocator@UGuardInstInfo@StackGuard@oo@@@std@@@std@@A
?logError@oo@@YAXHPBDZZ
?SetAttribute@TiXmlElement@@QAEXPBDH@Z
?loadFromFile@OObject@oo@@SAPAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAK@Z
?addLoadingError@OObject@oo@@SAXW4LoadingErrorCode@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?getBaseClass@OClass@oo@@QAEPAV12@XZ
?createObject@OClass@oo@@QAEPAVOObject@2@XZ
??1EClassNotFound@oo@@QAE@XZ
?FirstChildElement@TiXmlNode@@QBEPAVTiXmlElement@@PBD@Z
?logWarning@oo@@YAXHPBDZZ
?Attribute@TiXmlElement@@QBEPBDPBD@Z
??1TiXmlElement@@UAE@XZ
?LM_Core@oo@@3_NA
?release@OUnknown@oo@@QAEXXZ
??0ProfileInstance@oo@@QAE@PAUSample@Profile@1@_N@Z
?PM_Default@oo@@3_NA
?Value@TiXmlNode@@QBEPBDXZ
?postEdited@OObject@oo@@UAEXPAVOAttribute@2@@Z
??0EClassNotFound@oo@@QAE@ABU01@@Z
??2OObject@oo@@SAPAXIPBDH@Z
?postLoaded@OObject@oo@@UAEXK@Z
??3OObject@oo@@SAXPAXPBDH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?postSaved@OObject@oo@@UAEXXZ
??1ProfileInstance@oo@@QAE@XZ
?fromName@OClass@oo@@SAPAV12@PBD_N@Z
??0EClassNotFound@oo@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??0TiXmlElement@@QAE@PBD@Z
??3OObject@oo@@SAXPAX@Z
??0OO_CLASSINIT@oo@@QAE@PAVOClass@1@0KK@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
?beforeSaved@OObject@oo@@UAEXXZ
?postLoaded@OObject@oo@@UAEXXZ

oographics

?setMaterial@RenderSystem@oo@@QAEXPAVMaterial@2@@Z
?render@RenderSystem@oo@@QAEXPAXKW4PrimitiveType@2@I@Z
?_CLASS@Material@oo@@2VOClass@2@A
?_CLASS@FinalShader@oo@@2VOClass@2@A
?instancePtr@RenderSystem@oo@@SAPAV12@XZ

ooworld

?frameMove@Actor@@UAEXAAVTimer@oo@@ABUDrawParams@@@Z
?_objVisit@Actor@@UAEXAAUArgWriteXml@oo@@_N@Z
?getApp@@YAPAVClientApp@@XZ
?_objVisit@Actor@@UAEXAAUArgReadXml@oo@@_N@Z
?getPosition@Actor@@UBEABVVector3@oo@@XZ
?_objVisit@Actor@@UAEXAAUArgWriteBin@oo@@_N@Z
?setPosition@Actor@@UAEXABVVector3@oo@@@Z
?_objVisit@Actor@@UAEXAAUArgReadBin@oo@@_N@Z
?_objVisit@Actor@@UAEXAAVArgBase@oo@@@Z
?getRotation@Actor@@UBEABVQuaternion@oo@@XZ
??0Actor@@IAE@XZ
?setRotation@Actor@@UAEXABVQuaternion@oo@@@Z
?pick@GTerrain@@QBE_NPAVVector3@oo@@PAH1PAW4TileFace@1@ABV23@3@Z
?getTerrain@World@@QAEPAVGTerrain@@XZ
?getScaling@Actor@@UBEABVVector3@oo@@XZ
?setScaling@Actor@@UAEXABVVector3@oo@@@Z
?_objVisit@Actor_AC@@UAEXAAUArgWriteXml@oo@@_N@Z
?getMaterial@GTerrain@@QAEPAVTerrainShader@oo@@XZ
?destroy@Actor@@UAEXK@Z
??0Actor_AC@@QAE@XZ
?fillRenderQueue@Actor@@UAEXAAVRenderQueue@oo@@@Z
??4Actor@@QAEAAV0@ABV0@@Z
?generateName@Actor@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?_objVisit@Actor_AC@@UAEXAAUArgReadXml@oo@@_N@Z
??0Actor@@QAE@ABV0@@Z
?assign@Actor@@UAEXPAVOObject@oo@@@Z
?getAlwaysVisibleAABB@World@@SAABVAABB@oo@@XZ
?getAABB@Actor@@UAEABVAABB@oo@@XZ
?_CLASS@Actor@@2VOClass@oo@@A
?_CLASS@Actor_AC@@2VOClass@oo@@A
?postLoaded@Actor@@MAEXXZ
?_objVisit@Actor_AC@@UAEXAAVArgBase@oo@@@Z
?update@MovieSpline@@QAE_NMAAVVector3@oo@@00@Z
?_objVisit@Actor_AC@@UAEXAAUArgReadBin@oo@@_N@Z
??1Actor@@UAE@XZ
?init@MovieSpline@@QAE_NPAVWorld@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1MovieSpline@@UAE@XZ
?_objVisit@Actor_AC@@UAEXAAUArgWriteBin@oo@@_N@Z
??0MovieSpline@@QAE@XZ
?getWorld@@YAPAVWorld@@XZ
?setIcon@Actor@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setGlow@Actor@@UAEXH@Z
?build@Actor@@UAEXK@Z
?insertDrawActor@World@@QAEXPAVActor@@W4ActorRenderLayer@@PAX@Z
?isGlow@Actor@@UAEHXZ
??1Actor_AC@@UAE@XZ

msvcp80

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z

msvcr80

_initterm_e
_initterm
_decode_pointer
free
_encoded_null
_malloc_crt
_encode_pointer
?terminate@@YAXXZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
__CxxFrameHandler3
memset
_CxxThrowException
_amsg_exit
_CIatan

kernel32

Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange

Exports

Exports

??$TerrainRoad_objVisit@UArgReadBin@oo@@@TerrainRoad@@QAEXAAUArgReadBin@oo@@@Z
??0TerrainRoad@@QAE@ABV0@@Z
??0TerrainRoad@@QAE@XZ
??1TerrainRoad@@UAE@XZ
??4TerrainRoad@@QAEAAV0@ABV0@@Z
??_7TerrainRoad@@6B@
?ConstructRoad@TerrainRoad@@QAEXPBUDrawParams@@@Z
?_CLASS@TerrainRoad@@2VOClass@oo@@A
?_objVisit@TerrainRoad@@UAEXAAUArgReadBin@oo@@_N@Z
?_objVisit@TerrainRoad@@UAEXAAUArgReadXml@oo@@_N@Z
?_objVisit@TerrainRoad@@UAEXAAUArgWriteBin@oo@@_N@Z
?_objVisit@TerrainRoad@@UAEXAAUArgWriteXml@oo@@_N@Z
?_objVisit@TerrainRoad@@UAEXAAVArgBase@oo@@@Z
?bRealtimeGenRoad@TerrainRoad@@2_NA
?build@TerrainRoad@@UAEXK@Z
?createObject@TerrainRoad@@KAPAVOObject@oo@@XZ
?doRelease@TerrainRoad@@MAEXXZ
?draw@TerrainRoad@@UAEXABUDrawParams@@AAUActorDrawArgs@@@Z
?eventCreate@TerrainRoad@@UAEXXZ
?eventDestroy@TerrainRoad@@UAEXXZ
?getAABB@TerrainRoad@@UAEABVAABB@oo@@XZ
?getBaseClass@TerrainRoad@@SAPAVOClass@oo@@XZ
?getClass@TerrainRoad@@UBEPAVOClass@oo@@XZ
?onSeen@TerrainRoad@@UAEXAAVTimer@oo@@ABUDrawParams@@@Z
?tick@TerrainRoad@@UAEXAAVTimer@oo@@@Z

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e7d6238e9fc375362058a9db798d60b

Headers

File Characteristics

PDB Paths

Imports

oocore

ooobject

oographics

ooworld

msvcp80

msvcr80

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 428B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 428B

.reloc
Size: 4KB - Virtual size: 2KB