ba68ae92f28dfbf13e1c756ecd89486c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba68ae92f28dfbf13e1c756ecd89486c_JaffaCakes118
Size

216KB
MD5

ba68ae92f28dfbf13e1c756ecd89486c
SHA1

13d382f10b5b2a6a6cf1fb76cdc14836d25f19ee
SHA256

665438d6beb990028b8c5c6c3732b5c3fd706b445e164888efe4beebe660d360
SHA512

6f8e1f07727da870cace89ac39191b8a48bce4476b94a4265f28f69ce206e924f7ae96c046efeccdacf59e00b43d2e9cef6e6c25019f0decbc99de2f1981754d
SSDEEP

3072:CLbXav4pZtttes2rP/LE0cX+g27nm2m3NItbfeawm:IbXaqZtt+/DdgKmncbf+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba68ae92f28dfbf13e1c756ecd89486c_JaffaCakes118

Files

ba68ae92f28dfbf13e1c756ecd89486c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e66f2676b3b5340addce93b6175c9ad0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
DisableThreadLibraryCalls
lstrcpynA
HeapDestroy
HeapCreate

user32

GetDlgItem
GetDlgCtrlID
IsWindow
IsWindowVisible
SendMessageA
SetWindowTextA
GetParent
GetKeyState
MessageBoxA
CallWindowProcA
GetNextDlgGroupItem
GetWindowLongA
SetWindowLongA
GetWindow
ShowWindow
MoveWindow
ReleaseDC
GetDC
GetClientRect
IsWindowEnabled
SetTimer
GetFocus
KillTimer
wsprintfA
DestroyWindow
EnableWindow
SetFocus
GetNextDlgTabItem
FindWindowA

gdi32

GetTextMetricsA

msvcrt

_ftol
atof
atoi
atol

vcore

_ReadPackageString@24
_GetScriptObject@12
_SetAtomInt@12
_StateChange@8
_GetAtomInt@8
_ReadPackageInt@16
_ReadPackageStringMulti@20
_NameOfAtom@8
LogMessageA
_ReadPackageIntMulti@20
_InfoBarGroupMessage@12
_InfoBarFlushMessages@0
_InfoBarScrollMessage@16
_GetAtom@8
_SetActiveScene@8
_QueryGameInfo@16
_SendServerMessage@16
_ConnectGame@4
_CasinoFrameUnlock@4
_CasinoFrameLock@4
_CasinoFrameHandle@0
_CasinoFrameCreateDialog@20
_CasinoFrameCommand@8
_CasinoFrameExec@12
StartAutoplay
StopAutoplay

Exports

Exports

_DllCreatePlugin@12

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e66f2676b3b5340addce93b6175c9ad0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

vcore

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 9KB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 8KB - Virtual size: 6KB