87dc3b8bbe85db58c555d243e760e619_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

87dc3b8bbe85db58c555d243e760e619_JaffaCakes118
Size

699KB
MD5

87dc3b8bbe85db58c555d243e760e619
SHA1

16bccced7f25d3924bbf2749bb495ab4537b20bf
SHA256

fffd39db81e79f9ffc2c5e72bde758136e0a69d5c521e406994debcfcdc311e7
SHA512

10b3a6269db0ecc0c5d65ca620d51c6ead81c4d1e8fdd58d2ac4b072e16f697d301d9da0ad4bd6045a5005d45d965640d6910c015eb3cca4a0b1304ed24ab96b
SSDEEP

12288:L9TDbH/6b6/kBMvjA4VTsib/mna6xBGcQub1zydmoJsbIPvK/A7UksT5Yd5cYtjD:L9THH/E6JmxBGNo4wJkF7IVO5PjnJF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87dc3b8bbe85db58c555d243e760e619_JaffaCakes118

Files

87dc3b8bbe85db58c555d243e760e619_JaffaCakes118
.dll windows:5 windows x86 arch:x86

0efaf1bb56918c211f132f38bc269f37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\build\source\datatype_rn\flash\renderer\rel32\swfrender.pdb

Imports

winmm

waveOutGetDevCapsA
waveOutOpen
timeSetEvent
waveOutPrepareHeader
waveOutWrite
timeKillEvent
waveOutReset
waveOutUnprepareHeader
waveOutClose
timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

user32

LoadCursorA
SetCursor
MapWindowPoints
GetKeyState
GetClipboardData
OpenClipboard
SetClipboardData
CloseClipboard
GetDC
ReleaseDC

kernel32

LoadLibraryA
Sleep
GetCPInfo
GetProcAddress
LeaveCriticalSection
GetTickCount
QueryPerformanceFrequency
EnterCriticalSection
GetCurrentThreadId
GetACP
GlobalAlloc
GlobalLock
QueryPerformanceCounter
GlobalUnlock
GlobalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange

gdi32

SelectPalette
GetSystemPaletteEntries
StretchBlt
RealizePalette
SaveDC
IntersectClipRect
SetTextAlign
RestoreDC
CreateFontIndirectA
GetTextMetricsA
SetTextColor
CreateSolidBrush
GetStockObject
Rectangle
CreatePen
GetTextExtentPoint32A
ExtTextOutA
GetBkMode
SetBkMode
GetBkColor
SetBkColor
MoveToEx
LineTo
EnumFontFamiliesA
CreatePalette
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
DeleteDC
CreateCompatibleBitmap
GdiFlush
SetDIBitsToDevice
StretchDIBits
SelectObject
DeleteObject

msvcr90

_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_amsg_exit
_initterm_e
_initterm
_malloc_crt
_decode_pointer
_onexit
_lock
_putenv
_encode_pointer
__dllonexit
_encoded_null
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
memcpy
memmove
frexp
strchr
_purecall
_vsnprintf
atoi
atol
_time32
rand
srand
??_V@YAXPAX@Z
sprintf
??_U@YAPAXI@Z
strrchr
strstr
_strnicmp
strncpy
_CIsqrt
_CIpow
strtol
isspace
getenv
tolower
isupper
_stricmp
sscanf
calloc
iscntrl
_unlock

Exports

Exports

CanUnload2
RMACreateInstance

Sections

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0efaf1bb56918c211f132f38bc269f37

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

user32

kernel32

gdi32

msvcr90

Exports

Exports

Sections

.text Size: 291KB - Virtual size: 291KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 244KB - Virtual size: 248KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 291KB - Virtual size: 291KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 244KB - Virtual size: 248KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 10KB - Virtual size: 10KB