3e553ca934245c858cdea05c100118bb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3e553ca934245c858cdea05c100118bb_JaffaCakes118
Size

344KB
MD5

3e553ca934245c858cdea05c100118bb
SHA1

d6e58420ccf77c70d211cf4267737643d0016d79
SHA256

82391977a4f9b37008912165a8e53f5ac4f465345586bd337267ae0ada11759c
SHA512

cc3e3760dc715dcbef71d99c7e7dd1cd56e382a4b60b888bdc688ef17522457c9ce3125d0459cb40e9acfc54adf4f031bd4cadb81f0c307c925b8ec91dc770de
SSDEEP

6144:Yz83lVou+dunnu3qnTV6W5nzvf8/wIfyB:/1V9nnnu3qnEW5n7E4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e553ca934245c858cdea05c100118bb_JaffaCakes118

Files

3e553ca934245c858cdea05c100118bb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed8957d8eab1f1fd86aca163744ea3ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Kaichen\Downloads\Virtu\Source\Virtuos_v17\Build\Program\WORLDDIALOG\Release\WorldDialog.pdb

Imports

kernel32

WideCharToMultiByte
OutputDebugStringA
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcAddress
GetModuleHandleA
HeapFree
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
CloseHandle
ReadFile
SetFilePointer
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
InterlockedExchange
VirtualQuery
FlushFileBuffers
CreateFileA
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetEndOfFile
VirtualProtect
GetSystemInfo
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

FindScriptKey
InitWorldDialog
RunDialog
SetLanguage

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ed8957d8eab1f1fd86aca163744ea3ef

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 32KB - Virtual size: 36KB

.reloc Size: 20KB - Virtual size: 17KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 32KB - Virtual size: 36KB

.reloc
Size: 20KB - Virtual size: 17KB

.rmnet
Size: 60KB - Virtual size: 60KB