5c524aa1bd4035ce8b9954465a3d4a48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c524aa1bd4035ce8b9954465a3d4a48_JaffaCakes118
Size

663KB
MD5

5c524aa1bd4035ce8b9954465a3d4a48
SHA1

f30212338e0350d7f50e2aa16e9048811664e5a2
SHA256

893d46ebf89141b58dd9c35bc4160939da1a59c82c80dfa65334d863764a769e
SHA512

f2a86388e1276229ea215ebc0998fa64ca81e9948afd1e10c9dd3ef0018468ab980687478f886b7fcc8850ba654575c01afabe0d3aa0f5c8b17ace80b9cec7b8
SSDEEP

12288:pyJevCgdcgvquVn/GwByk4NUiePsH/ej8PkouJsbIPvK/A7UksTZZvSvbA8P:pyJQTyQ/PsHWYco3kF7INMjzP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c524aa1bd4035ce8b9954465a3d4a48_JaffaCakes118

Files

5c524aa1bd4035ce8b9954465a3d4a48_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e223f0b3e768c94d8c9ad8012e661c79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\build\source\datatype_rn\flash\renderer\rel32\swfrender.pdb

Imports

winmm

waveOutGetDevCapsA
waveOutOpen
timeSetEvent
waveOutPrepareHeader
waveOutWrite
timeKillEvent
waveOutReset
waveOutUnprepareHeader
waveOutClose
timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

user32

LoadCursorA
SetCursor
MapWindowPoints
GetKeyState
GetClipboardData
OpenClipboard
SetClipboardData
CloseClipboard
GetDC
ReleaseDC

kernel32

InitializeCriticalSection
Sleep
GetCPInfo
IsDBCSLeadByte
LeaveCriticalSection
GetTickCount
QueryPerformanceFrequency
EnterCriticalSection
GetCurrentThreadId
GetACP
GlobalAlloc
GlobalLock
QueryPerformanceCounter
GlobalUnlock
GlobalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange

gdi32

SelectPalette
GetSystemPaletteEntries
StretchBlt
RealizePalette
SaveDC
IntersectClipRect
SetTextAlign
RestoreDC
CreateFontIndirectA
GetTextMetricsA
SetTextColor
CreateSolidBrush
GetStockObject
Rectangle
CreatePen
GetTextExtentPoint32A
ExtTextOutA
GetBkMode
SetBkMode
GetBkColor
SetBkColor
MoveToEx
LineTo
EnumFontFamiliesA
CreatePalette
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
DeleteDC
CreateCompatibleBitmap
GdiFlush
SetDIBitsToDevice
StretchDIBits
SelectObject
DeleteObject

msvcr90

_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_amsg_exit
_initterm_e
_initterm
_malloc_crt
_decode_pointer
_onexit
_lock
_putenv
_encode_pointer
__dllonexit
_encoded_null
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
memcpy
memmove
frexp
strchr
_purecall
_vsnprintf
atoi
atol
_time32
rand
srand
??_V@YAXPAX@Z
sprintf
??_U@YAPAXI@Z
strrchr
strstr
_strnicmp
strncpy
_CIsqrt
_CIpow
strtol
isspace
getenv
tolower
isupper
_stricmp
sscanf
calloc
iscntrl
_unlock

Exports

Exports

CanUnload2
RMACreateInstance

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e223f0b3e768c94d8c9ad8012e661c79

Headers

File Characteristics

PDB Paths

Imports

winmm

user32

kernel32

gdi32

msvcr90

Exports

Exports

Sections

.text Size: 291KB - Virtual size: 290KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 244KB - Virtual size: 248KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 10KB - Virtual size: 10KB

.text Size: 62KB - Virtual size: 64KB

.text
Size: 291KB - Virtual size: 290KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 244KB - Virtual size: 248KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 10KB - Virtual size: 10KB

.text
Size: 62KB - Virtual size: 64KB