d:\LocalSvnForDailyBuild\dabingusa_beta\Bin\Release\plugin\Func.pdb
Static task
static1
Behavioral task
behavioral1
Sample
7589dd464119badba5acd00946ff9fc3_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
7589dd464119badba5acd00946ff9fc3_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
Target: 7589dd464119badba5acd00946ff9fc3_JaffaCakes118
Size: 4.1MB
MD5: 7589dd464119badba5acd00946ff9fc3
SHA1: af8f77941ae10ff7840067ff596b8d284e79515b
SHA256: e6c0c6cdda065822f5fe0caf19cc776f2eb92155e7189d3186eae290c1d154b5
SHA512: 5d816a1094c74ebea2e3c4738a628ced3a0a43a5f29f3e192a93d3ad6a2cd0b5b3eb5d8e368edc40401d3f968f6d69ce5187f6d472fb2be00ae260d4d66d8081
SSDEEP: 49152:cAh3epNJ5YzDItv2trQ1dKRCpMhqL56rTa6qixtcR/i:T8pf5Ce+1Q1dKmTY7
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 7589dd464119badba5acd00946ff9fc3_JaffaCakes118
Files
7589dd464119badba5acd00946ff9fc3_JaffaCakes118.dll windows:4 windows x86 arch:x86
da53cabd0d226d31fc1ec040c5b1b0e9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
imagehlp
CheckSumMappedFile
psapi
GetModuleInformation
GetProcessImageFileNameA
winmm
timeEndPeriod
PlaySoundA
timeBeginPeriod
timeGetTime
advapi32
RegEnumKeyExA
RegEnumValueA
SetSecurityInfo
AddAccessAllowedAce
AddAccessDeniedAce
InitializeAcl
GetTokenInformation
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
OpenProcessToken
AllocateAndInitializeSid
RegOpenKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
FreeSid
user32
SetRect
MessageBeep
IsClipboardFormatAvailable
DestroyIcon
DeleteMenu
PostThreadMessageA
GetSysColorBrush
DrawEdge
SetParent
DestroyMenu
GetMenuItemInfoA
CharNextA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
InsertMenuA
RemoveMenu
SetWindowContextHelpId
MapDialogRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
CheckMenuItem
ShowOwnedPopups
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
RegisterClipboardFormatA
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
CopyAcceleratorTableA
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetRectEmpty
CreateMenu
SetWindowRgn
GetDCEx
SetForegroundWindow
UpdateWindow
IsRectEmpty
InvalidateRgn
SetCapture
ReleaseCapture
IsWindowEnabled
GetNextDlgGroupItem
GetMenu
FindWindowA
GetSystemMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
LoadStringA
DeferWindowPos
PtInRect
SetWindowPlacement
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
TranslateAcceleratorA
SetMenu
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
MapVirtualKeyExA
IsCharLowerA
SubtractRect
CharUpperBuffA
ReuseDDElParam
SystemParametersInfoA
IsIconic
GetMenuDefaultItem
SetMenuDefaultItem
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetWindowPlacement
GetWindow
DrawTextW
LockWindowUpdate
DestroyWindow
SetCursor
SetClassLongA
LoadCursorA
UnregisterClassA
SetWindowLongA
GetWindowLongA
EnableMenuItem
AppendMenuA
CreatePopupMenu
SetScrollInfo
GetScrollInfo
LoadImageA
SetFocus
GetWindowTextA
IsWindow
GetDlgCtrlID
SetWindowTextA
EnumWindows
GetWindowThreadProcessId
PostMessageA
UnhookWindowsHookEx
KillTimer
SetTimer
LoadIconA
ShowScrollBar
UnionRect
GetSubMenu
LoadMenuA
MessageBoxA
CopyRect
FillRect
GetMessagePos
ScreenToClient
GetCursorPos
FrameRect
GetSysColor
InvalidateRect
DrawTextA
ShowWindow
GetUpdateRect
DestroyAcceleratorTable
NotifyWinEvent
CopyImage
SetWindowPos
DestroyCursor
DrawFrameControl
DrawFocusRect
GetWindowRect
LoadMenuIndirectA
CreateAcceleratorTableA
IsMenu
DrawStateA
GetSystemMetrics
RedrawWindow
GetClientRect
IsWindowVisible
GetParent
EnableWindow
CharUpperA
CreateIconIndirect
SendMessageA
GetDesktopWindow
EnumChildWindows
GetWindowRgn
DrawIconEx
WaitMessage
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DrawIcon
IsZoomed
GetCursor
GetIconInfo
GetClassNameA
WindowFromPoint
EnableScrollBar
CopyIcon
SetCursorPos
UnpackDDElParam
GetForegroundWindow
gdi32
SetPolyFillMode
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SetTextColor
CreateFontIndirectA
GetObjectA
RestoreDC
SaveDC
Arc
SetPixel
SelectObject
CopyMetaFileA
CreateBitmap
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
CreateDCA
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
GetBkColor
GetTextColor
Escape
SetViewportOrgEx
PatBlt
OffsetViewportOrgEx
CreateRectRgnIndirect
SetViewportExtEx
GetClipBox
ScaleViewportExtEx
Polyline
GetDIBits
RealizePalette
EnumFontFamiliesA
DeleteDC
SetBkColor
SetBkMode
CreateDIBSection
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
CreatePen
ExtCreatePen
CreateSolidBrush
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextExtentPoint32A
LPtoDP
GetTextMetricsA
GetRgnBox
OffsetRgn
GetViewportOrgEx
Rectangle
GetTextCharset
GetWindowOrgEx
GetTextFaceA
ExtCreateRegion
CreatePalette
CreateRoundRectRgn
GetNearestColor
Ellipse
StretchBlt
CreatePolygonRgn
FillRgn
FrameRgn
CreateEllipticRgn
PtInRegion
Polygon
SetPixelV
EnumFontFamiliesExA
GetSystemPaletteEntries
GetNearestPaletteIndex
RoundRect
SetPaletteEntries
GetPaletteEntries
ExtFloodFill
GetBoundsRect
CreateDIBitmap
GetTextCharsetInfo
shell32
ShellExecuteA
SHAppBarMessage
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetFileInfoA
SHFileOperationA
d3d8
Direct3DCreate8
kernel32
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
GlobalAlloc
lstrcmpA
GlobalLock
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
SetEvent
CreateEventA
GetModuleFileNameW
InterlockedDecrement
GlobalFree
MulDiv
LocalFree
FormatMessageA
GlobalUnlock
GlobalSize
CopyFileA
InterlockedIncrement
GetThreadLocale
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
FreeLibrary
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetUserDefaultLCID
GetFileAttributesA
GetFileTime
GetProfileIntA
GetTempFileNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
VirtualAlloc
GetSystemInfo
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
RtlUnwind
RaiseException
WriteConsoleW
GetFileType
GetStdHandle
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetACP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LoadLibraryW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableA
GetModuleHandleA
GetLocalTime
lstrcmpW
IsProcessorFeaturePresent
GetProcessHeap
HeapFree
CreateFileW
WriteFile
FindNextFileA
ReadFile
InterlockedCompareExchange
FindResourceExA
GetTempPathA
SearchPathA
ReleaseMutex
GetFileSize
CreateFileA
FindClose
GlobalMemoryStatus
LoadLibraryA
SetLastError
FindFirstFileA
GetUserDefaultLangID
VirtualQuery
VirtualProtectEx
ReadProcessMemory
VirtualAllocEx
WriteProcessMemory
VirtualProtect
Process32First
CreateMutexA
CreateSemaphoreA
ReleaseSemaphore
GetCurrentProcessId
LocalAlloc
GetProcAddress
IsBadReadPtr
GetCurrentThreadId
ResumeThread
Thread32First
OpenThread
SuspendThread
Thread32Next
GetVersionExA
OpenProcess
WaitForSingleObject
WritePrivateProfileStringA
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetModuleFileNameA
Process32Next
CreateToolhelp32Snapshot
CloseHandle
TerminateProcess
GetCurrentProcess
GetTickCount
SizeofResource
lstrlenA
LoadResource
InterlockedExchange
WideCharToMultiByte
LockResource
MultiByteToWideChar
CompareStringA
CompareStringW
GetLastError
GetVersion
GetStringTypeExA
lstrlenW
FindResourceA
CreateDirectoryA
TlsAlloc
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
DoDragDrop
OleTranslateAccelerator
IsAccelerator
oleaut32
VariantInit
VariantClear
VariantChangeType
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
VarBstrFromDate
VarUdateFromDate
Exports
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendWithIP_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserLogin_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserRegist_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineTrasaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigFile_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegNewCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginWithGameAccountTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestLargeDataSend_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestOnlineSession_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUser_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScript_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoad_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
GetPlugin
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 584KB - Virtual size: 583KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 264KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 184KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
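The import table and section list above are what a triager reads first: kernel32 carries the remote-process primitives (OpenProcess, VirtualAllocEx, WriteProcessMemory, VirtualProtectEx, thread snapshot plus SuspendThread/ResumeThread), advapi32 carries token-privilege adjustment, user32 carries a Windows hook next to key-state polling, and the Sections block shows a writable and executable `.vmp0` section. The script below is an added example and is not part of the sandbox report or the sample's own code. It encodes that reading as a small scoring rule set over exactly the kind of listing shown above. The import and section data are copied from this report; the rule names, their weights, the `Rule` type and the packer section-name prefixes are this example's own assumptions, not output of the sandbox. With a file in hand the same `imports` dict can be built from pefile's `DIRECTORY_ENTRY_IMPORT`, but the example runs offline on the embedded data.

```python
"""Import-table and section triage for a PE sandbox report.

Added example, not part of the sandbox report and not code from the sample's
author: it scores the kind of import/section listing shown above against a
small rule set. The import and section data below are copied from the report;
the rule set, its names and its weights are this example's own assumptions.
"""
from dataclasses import dataclass

# Subset of the report's import table (only names the rules reference).
REPORT_IMPORTS = {
    "kernel32": {
        "OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "ReadProcessMemory",
        "VirtualProtectEx", "CreateToolhelp32Snapshot", "Process32First",
        "Process32Next", "Thread32First", "Thread32Next", "OpenThread",
        "SuspendThread", "ResumeThread", "IsDebuggerPresent", "TerminateProcess",
    },
    "advapi32": {
        "OpenProcessToken", "LookupPrivilegeValueA", "AdjustTokenPrivileges",
        "SetSecurityInfo", "AddAccessDeniedAce", "InitializeAcl",
    },
    "user32": {
        "SetWindowsHookExA", "CallNextHookEx", "GetAsyncKeyState",
        "GetKeyboardState", "EnumWindows", "GetWindowThreadProcessId",
    },
    "psapi": {"GetModuleInformation", "GetProcessImageFileNameA"},
}

# (section name, characteristics) as listed under Sections in the report.
REPORT_SECTIONS = [
    (".text",  {"CODE", "EXECUTE", "READ"}),
    (".rdata", {"INITIALIZED_DATA", "READ"}),
    (".data",  {"INITIALIZED_DATA", "READ", "WRITE"}),
    (".data1", {"INITIALIZED_DATA", "READ", "WRITE"}),
    (".rsrc",  {"INITIALIZED_DATA", "READ"}),
    (".vmp0",  {"CODE", "INITIALIZED_DATA", "EXECUTE", "READ", "WRITE"}),
    (".reloc", {"INITIALIZED_DATA", "DISCARDABLE", "READ"}),
]


@dataclass(frozen=True)
class Rule:
    name: str
    weight: int
    all_of: frozenset                 # every "dll!Func" must be imported
    any_of: frozenset = frozenset()   # at least one of these, if non-empty


# Hypothetical rule set; the weights are this example's own judgement.
IMPORT_RULES = [
    Rule("remote-process memory write", 40,
         frozenset({"kernel32!OpenProcess", "kernel32!VirtualAllocEx",
                    "kernel32!WriteProcessMemory"})),
    Rule("remote page-permission change", 20,
         frozenset({"kernel32!VirtualProtectEx"})),
    Rule("thread enumeration and suspend/resume", 20,
         frozenset({"kernel32!CreateToolhelp32Snapshot", "kernel32!Thread32First",
                    "kernel32!OpenThread", "kernel32!SuspendThread",
                    "kernel32!ResumeThread"})),
    Rule("token privilege adjustment", 15,
         frozenset({"advapi32!OpenProcessToken", "advapi32!LookupPrivilegeValueA",
                    "advapi32!AdjustTokenPrivileges"})),
    Rule("windows hook plus key-state polling", 15,
         frozenset({"user32!SetWindowsHookExA"}),
         frozenset({"user32!GetAsyncKeyState", "user32!GetKeyboardState"})),
    # Low weight on purpose: the MSVC CRT imports IsDebuggerPresent by itself.
    Rule("debugger check", 5, frozenset({"kernel32!IsDebuggerPresent"})),
]

# Section-name prefixes of well-known protectors (assumption: prefix match is enough).
PACKER_SECTION_PREFIXES = {".vmp": "VMProtect", "UPX": "UPX", ".themida": "Themida"}


def flatten(imports):
    """Turn {dll: {func, ...}} into a set of 'dll!func' keys (DLL name lower-cased)."""
    return {f"{dll.lower()}!{func}" for dll, funcs in imports.items() for func in funcs}


def match_import_rules(imports, rules=IMPORT_RULES):
    """Return (name, weight, evidence) for every rule satisfied by the import set."""
    have = flatten(imports)
    hits = []
    for r in rules:
        if r.all_of <= have and (not r.any_of or r.any_of & have):
            hits.append((r.name, r.weight, sorted((r.all_of | r.any_of) & have)))
    return hits


def match_section_rules(sections):
    """Flag writable+executable sections and section names used by known protectors."""
    hits = []
    for name, chars in sections:
        if {"EXECUTE", "WRITE"} <= chars:
            hits.append((f"writable+executable section {name}", 25, [name]))
        for prefix, packer in PACKER_SECTION_PREFIXES.items():
            if name.startswith(prefix):
                hits.append((f"{packer} section name {name}", 20, [name]))
    return hits


def triage(imports, sections):
    """Return (score, findings); findings are (rule, weight, evidence) tuples."""
    findings = match_import_rules(imports) + match_section_rules(sections)
    return sum(w for _, w, _ in findings), findings


if __name__ == "__main__":
    score, findings = triage(REPORT_IMPORTS, REPORT_SECTIONS)
    print(f"score={score}")
    for name, weight, evidence in findings:
        print(f"  [{weight:>2}] {name}: {', '.join(evidence)}")
```

The score is only a sort key for a queue, not a verdict: the report's own import table shows why, since a legitimate MFC application also imports most of the user32 and gdi32 names listed here, and IsDebuggerPresent comes from the CRT. What separates this sample in the rule set is the co-occurrence of remote-memory writes, thread suspend/resume, privilege adjustment and a VMProtect-style RWX section in one module.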