Static task: static1
Behavioral task: behavioral1
Sample: ad3453c7f8cbd3076d6ead59455f8b76_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: ad3453c7f8cbd3076d6ead59455f8b76_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
- Target: ad3453c7f8cbd3076d6ead59455f8b76_JaffaCakes118
- Size: 4.3MB
- MD5: ad3453c7f8cbd3076d6ead59455f8b76
- SHA1: 2005192a826b5ddbd06b4264b3b86faf962167d2
- SHA256: 922c22870215857059127fa53408465f16383379ea2df8be5ecbe0962b1c3eb3
- SHA512: 5f2b90f1703dabdc942da47c6d9f799077c4d2d39540e0cb71210f909a326f732d9c3c43582d147065c80c68c64d81dd828f3e61d817c9442102d68d794e8f44
- SSDEEP: 49152:xLSLBdgozQe5S+bA7mlHeEFKO8KUpo3lkGhn90UvYup1yxhTTrIJX6pri:g19UexfeEFK7npK9hnqCBp1yHoY
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: ad3453c7f8cbd3076d6ead59455f8b76_JaffaCakes118
Files
-
ad3453c7f8cbd3076d6ead59455f8b76_JaffaCakes118.dll windows:4 windows x86 arch:x86
520417ae6ae5131d386d46fb89a587c4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\LocalSvnForDailyBuild\dabingusa_beta\Bin\Release\plugin\Func.pdb
Imports
imagehlp
CheckSumMappedFile
psapi
GetModuleInformation
GetProcessImageFileNameA
winmm
timeEndPeriod
PlaySoundA
timeBeginPeriod
timeGetTime
advapi32
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegEnumValueA
LookupPrivilegeValueA
AdjustTokenPrivileges
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
RegQueryInfoKeyA
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
SetSecurityInfo
FreeSid
user32
IsRectEmpty
CopyAcceleratorTableA
SetRect
MessageBeep
IsClipboardFormatAvailable
DeleteMenu
GetSysColorBrush
DrawEdge
SetParent
DestroyMenu
GetMenuItemInfoA
CharNextA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
InsertMenuA
RemoveMenu
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
CheckMenuItem
PostQuitMessage
ShowOwnedPopups
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
InvalidateRgn
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetRectEmpty
CreateMenu
SetWindowRgn
GetDCEx
SetForegroundWindow
UpdateWindow
SetCapture
ReleaseCapture
GetNextDlgGroupItem
PostThreadMessageA
IsWindowEnabled
DestroyIcon
GetMenu
FindWindowA
GetSystemMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
LoadStringA
DeferWindowPos
PtInRect
SetWindowPlacement
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
TranslateAcceleratorA
SetMenu
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
MapVirtualKeyExA
IsCharLowerA
SubtractRect
CharUpperBuffA
ReuseDDElParam
SystemParametersInfoA
IsIconic
GetMenuDefaultItem
SetMenuDefaultItem
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetWindowPlacement
GetWindow
DrawTextW
LockWindowUpdate
UnregisterClassA
DestroyWindow
SetCursor
SetClassLongA
LoadCursorA
EnableMenuItem
AppendMenuA
CreatePopupMenu
SetWindowLongA
GetWindowLongA
SetScrollInfo
GetScrollInfo
LoadImageA
SetFocus
GetWindowTextA
IsWindow
GetDlgCtrlID
SetWindowTextA
EnumWindows
GetWindowThreadProcessId
PostMessageA
UnhookWindowsHookEx
KillTimer
SetTimer
LoadIconA
ShowScrollBar
UnionRect
GetSubMenu
LoadMenuA
MessageBoxA
CopyRect
FillRect
GetMessagePos
ScreenToClient
GetCursorPos
InvalidateRect
DrawTextA
FrameRect
GetSysColor
ShowWindow
GetUpdateRect
DestroyAcceleratorTable
NotifyWinEvent
CopyImage
SetWindowPos
DestroyCursor
DrawFrameControl
DrawFocusRect
GetWindowRect
LoadMenuIndirectA
CreateAcceleratorTableA
IsMenu
DrawStateA
GetSystemMetrics
RedrawWindow
IsWindowVisible
GetParent
GetClientRect
EnableWindow
CharUpperA
CreateIconIndirect
SendMessageA
GetDesktopWindow
GetWindowRgn
DrawIconEx
WaitMessage
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DrawIcon
IsZoomed
GetCursor
GetIconInfo
EnumChildWindows
GetClassNameA
WindowFromPoint
EnableScrollBar
CopyIcon
SetCursorPos
UnpackDDElParam
GetForegroundWindow
gdi32
SetPolyFillMode
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
PatBlt
CreateRectRgnIndirect
GetBkColor
GetClipBox
Polyline
GetDIBits
RealizePalette
EnumFontFamiliesA
GetTextCharset
ExtCreateRegion
SelectClipRgn
CreateRectRgn
GetViewportExtEx
CreateDCA
GetDeviceCaps
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
CreateFontIndirectA
GetObjectA
CreatePalette
Escape
SetTextColor
SetViewportOrgEx
OffsetViewportOrgEx
CreateRoundRectRgn
SetViewportExtEx
SelectObject
ScaleViewportExtEx
GetNearestColor
RestoreDC
StretchBlt
SaveDC
DeleteDC
SetBkColor
SetBkMode
CreateDIBSection
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
CreatePen
ExtCreatePen
CreateSolidBrush
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextExtentPoint32A
LPtoDP
GetTextMetricsA
GetRgnBox
OffsetRgn
GetViewportOrgEx
Rectangle
Arc
GetWindowOrgEx
GetTextFaceA
CreatePolygonRgn
FillRgn
FrameRgn
CreateEllipticRgn
PtInRegion
SetPixel
GetTextColor
Polygon
CopyMetaFileA
SetPixelV
CreateDIBitmap
Ellipse
CreateBitmap
EnumFontFamiliesExA
GetSystemPaletteEntries
GetNearestPaletteIndex
RoundRect
SetPaletteEntries
GetPaletteEntries
ExtFloodFill
GetBoundsRect
ExtTextOutA
GetTextCharsetInfo
shell32
ShellExecuteA
SHAppBarMessage
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetFileInfoA
SHFileOperationA
d3d8
Direct3DCreate8
kernel32
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
GlobalAlloc
lstrcmpA
GlobalLock
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetModuleFileNameW
InterlockedDecrement
SetThreadPriority
SetEvent
CreateEventA
GlobalFree
MulDiv
LocalFree
FormatMessageA
GlobalUnlock
GlobalSize
CopyFileA
InterlockedIncrement
GetThreadLocale
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
FreeLibrary
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetUserDefaultLCID
GetFileAttributesA
GetFileTime
GetProfileIntA
GetTempFileNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetSystemInfo
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
RtlUnwind
RaiseException
WriteConsoleW
GetFileType
GetStdHandle
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetACP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LoadLibraryW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableA
GetModuleHandleA
GetLocalTime
lstrcmpW
GetProcessHeap
HeapFree
IsProcessorFeaturePresent
CreateFileW
WriteFile
GetFileSize
CreateFileA
InterlockedCompareExchange
FindResourceExA
GetTempPathA
SearchPathA
ReleaseMutex
FindNextFileA
ReadFile
FindClose
GlobalMemoryStatus
LoadLibraryA
SetLastError
FindFirstFileA
GetUserDefaultLangID
VirtualQuery
VirtualProtectEx
ReadProcessMemory
VirtualAllocEx
WriteProcessMemory
VirtualProtect
Process32First
CreateMutexA
CreateSemaphoreA
ReleaseSemaphore
GetCurrentProcessId
LocalAlloc
GetProcAddress
IsBadReadPtr
GetCurrentThreadId
ResumeThread
Thread32First
OpenThread
SuspendThread
Thread32Next
GetVersionExA
OpenProcess
WaitForSingleObject
WritePrivateProfileStringA
Sleep
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetModuleFileNameA
Process32Next
CreateToolhelp32Snapshot
CloseHandle
TerminateProcess
GetCurrentProcess
GetTickCount
GetStringTypeExA
lstrlenW
FindResourceA
SizeofResource
lstrlenA
LoadResource
InterlockedExchange
WideCharToMultiByte
LockResource
MultiByteToWideChar
CompareStringA
CompareStringW
GetEnvironmentVariableA
GetLastError
GetVersion
CreateDirectoryA
SetEndOfFile
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoInitialize
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
DoDragDrop
OleTranslateAccelerator
IsAccelerator
oleaut32
VariantInit
VariantClear
VariantChangeType
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
VarBstrFromDate
VarUdateFromDate
Exports
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendWithIP_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserLogin_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserRegist_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineTrasaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigFile_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegNewCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginWithGameAccountTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestLargeDataSend_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestOnlineSession_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUser_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScript_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoad_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
GetPlugin
Sections
- .text Size: 3.1MB - Virtual size: 3.1MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 600KB - Virtual size: 598KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 96KB - Virtual size: 138KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .data1 Size: 4KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 40KB - Virtual size: 39KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .vmp0 Size: 268KB - Virtual size: 265KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .reloc Size: 188KB - Virtual size: 184KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ