398244e08406a72115c62bccb9c571f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

398244e08406a72115c62bccb9c571f6_JaffaCakes118
Size

126KB
MD5

398244e08406a72115c62bccb9c571f6
SHA1

7ebafddd0504e63329c7e354f413345821dda72a
SHA256

5e53009a807d34bbea8fadabcfd8a4c4171ce4952991a30e65a2a40d1aa95417
SHA512

ca5ff40acd86b07fa9198fb98dda8ac7df7db5382dc5a807ecaaa843bf804dab43c32765f4229e42637559148dac1f4a16975f36369350c988b15c33c4978954
SSDEEP

1536:G8d3uEmEENO1HtuPaV2X29HkbOhdfIp5oM/1Kabll1Fps5Xl9xg4hltuTUWe8E:G2mfNO1HUyVskNdAvoMlj3psx/+qToE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
398244e08406a72115c62bccb9c571f6_JaffaCakes118

Files

398244e08406a72115c62bccb9c571f6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2490b52c08384212d20bc3a98f3d14d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\T27L10NSP32EP1\build\020p\maps\release\atWbxPDM.pdb

Imports

user32

ReleaseDC
GetDC

advapi32

RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegQueryValueExW

gdi32

DPtoLP
CreatePen
DeleteObject
Polyline
SelectObject

kernel32

LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentThreadId
FreeLibrary
GetProcAddress
DisableThreadLibraryCalls
LoadLibraryExW
SetCurrentDirectoryW
GetCurrentDirectoryW
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount

msvcp90

?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr90

??0exception@std@@QAE@ABV01@@Z
_vsnwprintf_s
memset
??_V@YAXPAX@Z
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_CxxThrowException
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
??2@YAPAXI@Z
_invalid_parameter_noinfo
_purecall
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_initterm
??3@YAXPAX@Z

Exports

Exports

WbxNewPDMDevice
WbxNewPDMMaster

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2490b52c08384212d20bc3a98f3d14d0

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

gdi32

kernel32

msvcp90

msvcr90

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 100KB - Virtual size: 100KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 100KB - Virtual size: 100KB

.reloc
Size: 2KB - Virtual size: 1KB