64384a0cb2114e41edd20c294dd8fa3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64384a0cb2114e41edd20c294dd8fa3f_JaffaCakes118
Size

960KB
MD5

64384a0cb2114e41edd20c294dd8fa3f
SHA1

bd0f46cf68f968138d3d290300980131aa4a3490
SHA256

594c962bc9618ae2b2ff4d5b4dd8ae8992a2d5ce03e0b39cfb43753afac7f6e1
SHA512

43ae083c30b10bcc27f58b7d69980662eceb3f63c18a815b038a1127eb92dc292eab291f66621d2beb3cabd3fa32d85e50a713771221cfa1f157718e738725a5
SSDEEP

24576:kQZCs9EgAkkqXhz+9y10xkfvVEfVvlce:kRmz+yXE1lce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64384a0cb2114e41edd20c294dd8fa3f_JaffaCakes118

Files

64384a0cb2114e41edd20c294dd8fa3f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e4497ac0b11334e4c0169a387033c804

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Mario\Documents\Visual Studio Projects\PHCd3d9Base\Debug\PHCd3d9Base.pdb

Imports

kernel32

MapViewOfFile
CreateFileMappingA
CreateFileA
CreateFileW
UnmapViewOfFile
GetProcAddress
CreateThread
Sleep
GetModuleHandleA
GetModuleFileNameA
VirtualProtect
GetFileSize
FindResourceW
FindResourceA
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DebugBreak
RaiseException
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetLastError
GetLastError
GetCurrentThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapAlloc
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
GetCurrentProcess
ExitProcess
VirtualAlloc
WideCharToMultiByte
GetTimeZoneInformation
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetProcessHeap
CloseHandle
FreeLibrary
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
InterlockedExchange
SetConsoleCtrlHandler
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
IsBadCodePtr
SetFilePointer
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushInstructionCache
InterlockedCompareExchange
GetFullPathNameA
lstrcmpiA
LockResource
LoadResource
SizeofResource
MulDiv

user32

GetCursorPos
GetSystemMetrics
RegisterClassExA
GetDesktopWindow
CreateWindowExA
DestroyWindow
DefWindowProcA
GetAsyncKeyState

gdi32

SetMapMode
SelectObject
SetTextColor
CreateDIBSection
CreateCompatibleDC
CreateFontA
GetDeviceCaps
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
DeleteObject
DeleteDC

d3d9

Direct3DCreate9

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.textbss
Size: - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 760KB - Virtual size: 758KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4497ac0b11334e4c0169a387033c804

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

d3d9

advapi32

Sections

.textbss Size: - Virtual size: 368KB

.text Size: 760KB - Virtual size: 758KB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 44KB - Virtual size: 64KB

.idata Size: 8KB - Virtual size: 4KB

.reloc Size: 28KB - Virtual size: 24KB

.textbss
Size: - Virtual size: 368KB

.text
Size: 760KB - Virtual size: 758KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 44KB - Virtual size: 64KB

.idata
Size: 8KB - Virtual size: 4KB

.reloc
Size: 28KB - Virtual size: 24KB