81c31fa6e0b822936b1e972964a2123f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

81c31fa6e0b822936b1e972964a2123f_JaffaCakes118
Size

732KB
MD5

81c31fa6e0b822936b1e972964a2123f
SHA1

22f8d6b6c622ca61046173eab6f2ca048a6d4c31
SHA256

f54d172b7e1b8767784946985b73c9e190554b739a47825188e2314a2f0599dd
SHA512

002ca418ad22cfac4c1a4ea60d09c6916ffe7564de20057ac28cc1797e6f46d73ca59d331058846908deeec8caedad63d562ec39b7dd39bd8e281be04b0d7f08
SSDEEP

12288:5Qt+SeqxgU/MwrcDfylmcSm6Oby66W+BS00WF+TWJzhW4thI66JsbIPvK/A7Uks4:5Qt+9UJWF+TWJtrI6rkF7IeF2cTWLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81c31fa6e0b822936b1e972964a2123f_JaffaCakes118

Files

81c31fa6e0b822936b1e972964a2123f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5966c77d9d0764e036fff45f32a30536

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\src\datatype_rn\flash\renderer\swfrender.pdb

Imports

ole32

CoInitializeEx
CoUninitialize

winmm

waveOutGetDevCapsA
waveOutOpen
timeSetEvent
waveOutPrepareHeader
waveOutWrite
timeKillEvent
waveOutReset
waveOutUnprepareHeader
waveOutClose
timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

user32

PeekMessageA
DispatchMessageA
GetMessageA
PostMessageA
PostThreadMessageA
LoadCursorA
SetCursor
MapWindowPoints
GetKeyState
GetClipboardData
OpenClipboard
SetClipboardData
CloseClipboard
GetDC
ReleaseDC

kernel32

GlobalFree
GlobalUnlock
QueryPerformanceCounter
GlobalLock
GlobalAlloc
GetACP
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetCPInfo
IsDBCSLeadByte
GetCurrentProcessId
GetTickCount
QueryPerformanceFrequency
SuspendThread
ResumeThread
SetThreadPriority
GetThreadPriority
CloseHandle
WaitForSingleObject
GetLastError
DeleteCriticalSection
SetEvent
ResetEvent
CreateEventA
ExitProcess
GetSystemTimeAsFileTime

gdi32

SetBkMode
GetSystemPaletteEntries
StretchBlt
SelectPalette
RealizePalette
SaveDC
IntersectClipRect
SetTextAlign
RestoreDC
CreateFontIndirectA
GetTextMetricsA
SetTextColor
CreateSolidBrush
GetStockObject
Rectangle
CreatePen
GetTextExtentPoint32A
ExtTextOutA
GetBkMode
GetBkColor
SetBkColor
MoveToEx
LineTo
EnumFontFamiliesA
CreatePalette
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
DeleteDC
CreateCompatibleBitmap
GdiFlush
SetDIBitsToDevice
StretchDIBits
SelectObject
DeleteObject

msvcr71

isspace
__CxxFrameHandler
sscanf
calloc
strtol
iscntrl
__dllonexit
isupper
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__security_error_handler
??1type_info@@UAE@XZ
?terminate@@YAXXZ
tolower
_beginthreadex
getenv
_onexit
_putenv
_strcmpi
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
memmove
frexp
strchr
_purecall
_vsnprintf
atoi
atol
rand
srand
time
??_V@YAXPAX@Z
sprintf
??_U@YAPAXI@Z
_strnicmp
strncpy
strrchr
strstr
_CIpow
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_stricmp

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

CanUnload2
RMACreateInstance

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5966c77d9d0764e036fff45f32a30536

Headers

File Characteristics

PDB Paths

Imports

ole32

winmm

user32

kernel32

gdi32

msvcr71

msvcp71

Exports

Exports

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 244KB - Virtual size: 244KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 12KB - Virtual size: 10KB

.text Size: 116KB - Virtual size: 116KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 244KB - Virtual size: 244KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 116KB