d:\LocalSvnForDailyBuild\dabingusa_beta\Bin\Release\plugin\Func.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: b3796f46bdd99d531ac53bc97dc3af04_JaffaCakes118.dll
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: b3796f46bdd99d531ac53bc97dc3af04_JaffaCakes118.dll
  Resource: win10v2004-20240802-en
General
- Target: b3796f46bdd99d531ac53bc97dc3af04_JaffaCakes118
- Size: 3.7MB
- MD5: b3796f46bdd99d531ac53bc97dc3af04
- SHA1: 47a52b27d2b4b83ab184185931d2f0c8b5669592
- SHA256: c92812ba1ca3e0c84d64106e54909d6d3e509c99be304a33f418dac7ec8d3e9c
- SHA512: 8f30e90b992e5180b03cbc154455bb4d0bbba9884765e411de0f52dfe306da163cdd0d269e54dad227ba42449f6d03bb8e2793390d45ab63b6571725c790c0e8
- SSDEEP: 49152:ckRRFnv2Cx7GdCq/1mec28x6RYa9LwLVOcQ/MCM+:5v/Zg/10D+SLjEM+
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource b3796f46bdd99d531ac53bc97dc3af04_JaffaCakes118
Files
- b3796f46bdd99d531ac53bc97dc3af04_JaffaCakes118.dll windows:4 windows x86 arch:x86
36e9bdf9a1062f29f36e64f41b7ab4a3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
psapi
GetModuleInformation
GetProcessImageFileNameA
imagehlp
CheckSumMappedFile
winmm
PlaySoundA
kernel32
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LoadLibraryW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableA
GetTimeZoneInformation
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
IsValidCodePage
GetACP
GetDateFormatA
GetTimeFormatA
HeapSize
CreateThread
ExitThread
GetStdHandle
GetFileType
WriteConsoleW
RaiseException
RtlUnwind
GetProcessHeap
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapReAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameA
CreateFileW
ReleaseMutex
SearchPathA
GetTempPathA
FindResourceExA
InterlockedCompareExchange
MultiByteToWideChar
LoadResource
InterlockedExchange
lstrlenW
FindResourceA
GetStringTypeExA
LockResource
GetVersion
WideCharToMultiByte
CompareStringW
GetLastError
CompareStringA
SizeofResource
lstrlenA
GetLocalTime
GetTickCount
GetCurrentProcess
TerminateProcess
CloseHandle
CreateToolhelp32Snapshot
Process32Next
GetModuleFileNameA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
Sleep
GetCurrentThreadId
CreateDirectoryA
WaitForSingleObject
OpenProcess
GetVersionExA
Thread32Next
SuspendThread
OpenThread
Thread32First
ResumeThread
IsBadReadPtr
GetProcAddress
GetModuleHandleA
LocalAlloc
GetProfileIntA
GetFileTime
GetFileAttributesA
GetUserDefaultLCID
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetThreadLocale
InterlockedIncrement
CopyFileA
GlobalSize
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
CreateEventA
SetEvent
SetThreadPriority
GlobalFree
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalLock
lstrcmpA
GlobalAlloc
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
LoadLibraryA
SetLastError
FindFirstFileA
GetUserDefaultLangID
WritePrivateProfileStringA
VirtualQuery
VirtualProtectEx
ReadProcessMemory
VirtualAllocEx
WriteProcessMemory
VirtualProtect
Process32First
CreateMutexA
CreateSemaphoreA
ReleaseSemaphore
GetCurrentProcessId
user32
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
SetRect
MessageBeep
IsClipboardFormatAvailable
DeleteMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
DrawEdge
SetParent
DestroyMenu
GetMenuItemInfoA
CharNextA
InflateRect
MapVirtualKeyA
GetKeyNameTextA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
InsertMenuA
RemoveMenu
ShowOwnedPopups
SetCursor
GetMessageA
SetRectEmpty
GetActiveWindow
ValidateRect
CreateMenu
SetWindowRgn
SetCapture
CharUpperA
GetDCEx
TranslateAcceleratorA
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
CheckMenuItem
PostQuitMessage
IsWindowEnabled
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
SetMenu
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
WindowFromPoint
GetPropA
RemovePropA
ReleaseCapture
GetNextDlgGroupItem
PostThreadMessageA
DestroyIcon
GetSystemMenu
UnionRect
LockWindowUpdate
TranslateMessage
EnableWindow
SendMessageA
RedrawWindow
GetSystemMetrics
GetWindowRect
SetWindowPos
ShowWindow
IsWindowVisible
GetClientRect
MessageBoxA
GetSysColor
FrameRect
DrawTextA
InvalidateRect
GetCursorPos
ScreenToClient
GetParent
GetMessagePos
FillRect
LoadMenuA
GetSubMenu
ShowScrollBar
LoadIconA
SetTimer
KillTimer
GetClassNameA
EnumChildWindows
GetDesktopWindow
PostMessageA
GetWindowThreadProcessId
EnumWindows
SetWindowTextA
GetDlgCtrlID
IsWindow
GetWindowTextA
LoadImageA
FindWindowA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
PtInRect
SetWindowPlacement
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetWindow
UnhookWindowsHookEx
EnableMenuItem
AppendMenuA
CreatePopupMenu
SetWindowLongA
GetWindowLongA
SetScrollInfo
GetScrollInfo
DestroyCursor
DrawFrameControl
DrawFocusRect
LoadMenuIndirectA
CreateAcceleratorTableA
IsMenu
DrawStateA
CreateIconIndirect
GetWindowRgn
DrawIconEx
WaitMessage
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DrawIcon
IsZoomed
GetCursor
GetIconInfo
EnableScrollBar
CopyIcon
SetCursorPos
CopyImage
SetClassLongA
NotifyWinEvent
DestroyAcceleratorTable
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
SetMenuDefaultItem
GetMenuDefaultItem
CharUpperBuffA
SubtractRect
IsCharLowerA
MapVirtualKeyExA
LoadStringA
gdi32
SetTextColor
Arc
SetPixel
SelectObject
GetBkColor
GetTextColor
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
CreatePen
ExtCreatePen
CreateSolidBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateFontIndirectA
LPtoDP
GetTextMetricsA
GetRgnBox
OffsetRgn
GetViewportOrgEx
Rectangle
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
GetDeviceCaps
GetClipBox
SetBkColor
CreateBitmap
CopyMetaFileA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
CreateDIBSection
GetDIBits
RealizePalette
EnumFontFamiliesA
GetTextCharset
ExtCreateRegion
CreatePalette
CreateRoundRectRgn
GetNearestColor
Ellipse
StretchBlt
CreatePolygonRgn
FillRgn
FrameRgn
CreateEllipticRgn
PtInRegion
Polygon
SetPixelV
CreateDIBitmap
GetTextCharsetInfo
Polyline
GetBoundsRect
ExtFloodFill
GetPaletteEntries
SetPaletteEntries
RoundRect
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
GetWindowOrgEx
SelectClipRgn
CreateRectRgn
GetTextExtentPoint32A
GetObjectA
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueA
OpenServiceA
ControlService
CloseServiceHandle
DeleteService
FreeSid
SetSecurityInfo
AddAccessAllowedAce
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
AddAccessDeniedAce
InitializeAcl
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
OpenSCManagerA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
shell32
DragQueryFileA
DragFinish
SHFileOperationA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHAppBarMessage
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoTaskMemAlloc
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
DoDragDrop
OleTranslateAccelerator
IsAccelerator
oleaut32
VariantClear
VariantChangeType
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VarUdateFromDate
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
VarBstrFromDate
VariantInit
Exports
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendWithIP_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserLogin_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserRegist_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineTrasaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigFile_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegNewCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginWithGameAccountTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestLargeDataSend_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestOnlineSession_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUser_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScript_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoad_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
GetPlugin
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 548KB - Virtual size: 544KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 248KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 172KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ