8aae1f118678ef37cd1247acf83c823c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8aae1f118678ef37cd1247acf83c823c_JaffaCakes118
Size

2.9MB
MD5

8aae1f118678ef37cd1247acf83c823c
SHA1

7ad6540a49bdecfba2a11d2cf8e10105c77e06ce
SHA256

1d4c2813c27bb03bc90488f29404b0a53757a6d36420e735365beea7223fd4ba
SHA512

005891df2ecf3a3844ae2454aabe4f5565e668d5ab00a930d3abd891f609c55324b7302a2e39b4b973f8b6494a77115a7975e04e115b431f719ef66cf9974cb9
SSDEEP

49152:GBjXskXXzhdDRXZLHhSsrxSXOD+9y4vBCz+Zn/1X6xp0+YgGz4TYUPp7wHfe3GMe:kj8kXXzhpF5HhSsrxSXh9y4vBAen/1XV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8aae1f118678ef37cd1247acf83c823c_JaffaCakes118

Files

8aae1f118678ef37cd1247acf83c823c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8f787730bd1c0ace1216e4adf5cb09da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\coretech\source\kimi\svg\public\libraries\windows\release\dynamic\SVGCore.pdb

Imports

ace

ord3
ord2
ord4

agm

ord4
ord3

bib

ord5
ord4
ord11

cooltype

ord3
ord1

winmm

mmioSetInfo
mmioSeek
mmioDescend
mmioRead
mmioOpenA
mmioAdvance
mmioGetInfo
mmioClose

kernel32

ReleaseMutex
GetSystemDirectoryA
SetEnvironmentVariableA
CompareStringW
GetProcAddress
LoadLibraryA
FreeLibrary
GetTempPathA
CreateDirectoryA
GetFileAttributesA
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsFree
DeleteCriticalSection
CreateEventA
CloseHandle
SetEvent
WaitForSingleObject
CreateMutexA
GetLocaleInfoA
OutputDebugStringA
DisableThreadLibraryCalls
SetThreadPriority
CreateThread
ReadFile
SetFilePointer
CreateFileA
QueryPerformanceFrequency
QueryPerformanceCounter
MapViewOfFile
GetSystemInfo
CreateFileMappingA
GetFileSize
UnmapViewOfFile
InterlockedIncrement
Sleep
GetLastError
InterlockedDecrement
MultiByteToWideChar
ResetEvent
GetVersionExA
GetACP
GetUserDefaultLCID
WideCharToMultiByte
CompareStringA
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetCurrentThreadId
IsValidLocale
EnumSystemLocalesA
GetModuleFileNameA
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetTimeZoneInformation
DeleteFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapReAlloc
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
SetEndOfFile
GetTimeFormatA
GetDateFormatA
SetLastError
GetCPInfo
GetOEMCP
LCMapStringA
LCMapStringW
HeapSize
GetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
GetCurrentProcessId
VirtualAlloc
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

user32

wsprintfA
GetKeyboardLayout

ole32

CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

DllMain
SOMPackageGetEntryPoints

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 604KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f787730bd1c0ace1216e4adf5cb09da

Headers

File Characteristics

PDB Paths

Imports

ace

agm

bib

cooltype

winmm

kernel32

user32

ole32

advapi32

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 604KB - Virtual size: 602KB

.data Size: 132KB - Virtual size: 267KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 196KB - Virtual size: 194KB

.text Size: 132KB - Virtual size: 132KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 604KB - Virtual size: 602KB

.data
Size: 132KB - Virtual size: 267KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 196KB - Virtual size: 194KB

.text
Size: 132KB - Virtual size: 132KB