b:\test_form\e-gold_dll_UPDATE8_AntiVir\release\dll_vc++.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 956b8f28e9970b0af72b09b6a21712b3_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 956b8f28e9970b0af72b09b6a21712b3_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: 956b8f28e9970b0af72b09b6a21712b3_JaffaCakes118
Size: 108KB
MD5: 956b8f28e9970b0af72b09b6a21712b3
SHA1: 65ada7ade4b083d83b2e07507f46c51a820553f8
SHA256: 3b06a45f3695809912e2c239229604c85228658880e90f4c51e7bda1c1024ab8
SHA512: 41c077852d8b1e4a2ef40c142a2a349ba84243a23edbc9b5b757dcae15a5f2686673962a834a748f55e6aadee8a5c311c8eceab2e66fbcc6db107a4e72a0f9e9
SSDEEP: 1536:be8HhYelV0NAnDzYZH+ZBztKL0Zwd7JeAELhQOtg4H:LHHV0NUFLPwRJTEGOtg4H
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 956b8f28e9970b0af72b09b6a21712b3_JaffaCakes118
Files
956b8f28e9970b0af72b09b6a21712b3_JaffaCakes118.dll windows:4 windows x86 arch:x86
f824f5d62bd20f773daa5a19614fffff
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
InterlockedDecrement
CloseHandle
CreateThread
GetSystemDirectoryA
lstrcatA
CreateFileA
WriteFile
CreateProcessA
Sleep
GetProcessHeap
InterlockedIncrement
lstrcpyA
HeapFree
lstrcmpiA
GetModuleFileNameA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
lstrlenA
WideCharToMultiByte
HeapAlloc
MultiByteToWideChar
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
HeapSize
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
GetLastError
GetProcAddress
GetModuleHandleA
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetStdHandle
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
user32
DispatchMessageW
TranslateMessage
SetWindowPos
GetMessageW
advapi32
RegCreateKeyExA
RegCloseKey
RegSetValueExA
ole32
CoInitialize
CoUninitialize
OleInitialize
CoCreateInstance
oleaut32
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantCopy
VariantClear
VariantInit
SysAllocString
SysFreeString
Exports
_tDllFunc2@4
_tDllFunc@4
f
Sections
.text Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ