5fe650b520e56cb0188a515ae87f54da_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5fe650b520e56cb0188a515ae87f54da_JaffaCakes118
Size

2.1MB
MD5

5fe650b520e56cb0188a515ae87f54da
SHA1

3375e61fb7cbe4c746932f28c995908be4d6d4db
SHA256

46e287a53f60bf1d74aaa0fb1b5effbbcfb7884f175c719d1e09308bf4277a75
SHA512

decaa0a08830b5ec9c4c2b0dc7afd850ae5ff27bbe93e6e613baa64de7a4aa4aec13f8a752b7b6245af01b5b31b112164d931cf6d9a031a4d9a9565ba046d737
SSDEEP

49152:/hER41ExPrOiFmO/m9XHeC1TAJJpxRqAcHpF:/qS1ExdFmOWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe650b520e56cb0188a515ae87f54da_JaffaCakes118

Files

5fe650b520e56cb0188a515ae87f54da_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fb8ffe5477ea5c8b2a1522bbb0d83af9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Temp\Redline Reverb VST\Release\Redline Reverb VST.pdb

Imports

kernel32

GlobalFree
GlobalUnlock
GlobalSize
GlobalLock
SetThreadPriority
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
GetThreadTimes
GetCurrentThread
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
GetCommandLineA
GetSystemTimeAsFileTime
HeapFree
TerminateProcess
UnhandledExceptionFilter
ExitThread
CreateThread
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
ResumeThread
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LeaveCriticalSection
HeapReAlloc
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetTickCount
VirtualAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
VirtualQuery
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FreeLibrary
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
GetTimeZoneInformation
GetModuleFileNameW
CreateFileW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
TryEnterCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateTimerQueueTimer
ChangeTimerQueueTimer
InterlockedExchange
DeleteTimerQueueTimer
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetLastError
FindFirstFileA
FindNextFileA
FindClose
GetCurrentDirectoryA
CreateFileA
CloseHandle
CreateDirectoryA
SetCurrentDirectoryA
GetProcessHeap
GetTempPathA
GetTempFileNameA
GetLongPathNameA
VirtualProtect
GetLocalTime
LoadLibraryA
GetProcAddress
GetSystemInfo
IsDebuggerPresent
GetVersionExA
Sleep
DebugBreak
QueryPerformanceCounter
QueryPerformanceFrequency
OutputDebugStringA
HeapSize
GetModuleFileNameA

msimg32

AlphaBlend

wsock32

socket
closesocket
recv
shutdown
gethostbyname
ioctlsocket
send
WSACleanup
htons
WSAStartup
connect

user32

GetWindowRect
FillRect
FrameRect
DestroyMenu
DeleteMenu
CreatePopupMenu
GetSubMenu
ModifyMenuA
MapWindowPoints
TrackPopupMenu
GetMenuItemInfoA
SetMenuItemInfoA
AppendMenuA
EnableWindow
GetClassInfoA
GetSysColorBrush
RegisterClassA
CreateWindowExA
GetDC
UpdateWindow
ShowWindow
TranslateMessage
GetUpdateRect
BeginPaint
ValidateRect
EndPaint
SetFocus
SetCapture
DefWindowProcA
ReleaseCapture
GetFocus
GetWindowLongA
SetLayeredWindowAttributes
SetWindowPos
GetWindowInfo
SetWindowLongA
ReleaseDC
DestroyWindow
UnregisterClassA
PostQuitMessage
MessageBoxA
LoadCursorA
SetCursor
GetKeyState
SetTimer
DispatchMessageA
GetMessageA
RegisterClassExA
SendMessageA
GetClientRect
LoadImageA
GetWindowDC
GetDesktopWindow
TrackMouseEvent
DrawTextA
KillTimer

gdi32

SetBrushOrgEx
SetStretchBltMode
GetStockObject
DeleteDC
SelectObject
CreateCompatibleDC
MoveToEx
SetPixel
GetDCPenColor
LineTo
Ellipse
StretchBlt
Pie
SetDCPenColor
SetDCBrushColor
SetTextColor
SetBkColor
SaveDC
RestoreDC
DeleteObject
SelectClipRgn
CreateRectRgn
GetClipBox
OffsetViewportOrgEx
SetViewportOrgEx
SetBkMode
SetTextAlign
CreateFontA
CreateCompatibleBitmap
SetMapMode
GetDIBits
SetDIBits
CreateBitmap
CreateDIBSection
GetObjectA
Rectangle
CreateSolidBrush
Arc
GdiFlush
BitBlt

comdlg32

GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA

advapi32

RegSetValueExA
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA

shell32

SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
DragAcceptFiles
DragQueryFileA
ShellExecuteA

ole32

OleUninitialize
RegisterDragDrop
OleInitialize
CoUninitialize
RevokeDragDrop
CoInitialize

Exports

Exports

?VstPluginMain@@YAHP6AHPAUAEffect@@HHHPAXM@Z@Z
main

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb8ffe5477ea5c8b2a1522bbb0d83af9

Headers

File Characteristics

PDB Paths

Imports

kernel32

msimg32

wsock32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 333KB - Virtual size: 332KB

.data Size: 56KB - Virtual size: 70KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 131KB - Virtual size: 131KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 333KB - Virtual size: 332KB

.data
Size: 56KB - Virtual size: 70KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 131KB - Virtual size: 131KB