d03ee2bfe9dd96321496df887571e408_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d03ee2bfe9dd96321496df887571e408_JaffaCakes118
Size

264KB
MD5

d03ee2bfe9dd96321496df887571e408
SHA1

7061c7e7397021b867902f8199cec7006485f607
SHA256

814d570ae10b6d982f7f9fa64de30a5e7ea3a61988a2256ed29f5d3c49642936
SHA512

2ee4b5b58c673903eab93c30f3be68641daab03e636e57e0dcc132e55740939e77175a9990a39a3040df30fa91566eb887a14f742678a6664f9b35253de56702
SSDEEP

3072:yJF5TGZHrcYKYcVh0GgjGFz6CY4mmYL80shFNKNZUZZOgxIE3csBVXUXdrs/Jj8U:yBTZvz6GCqMZuZOgxRbmBsN4Bc3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d03ee2bfe9dd96321496df887571e408_JaffaCakes118

Files

d03ee2bfe9dd96321496df887571e408_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3a95fcd5efd06c6273220303a8f763da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ddimage

?shadow_knobs@LightOp@Image@DD@@QAEXAAVKnob_Closure@23@@Z
?knobs@AxisOp@Image@DD@@UAEXAAVKnob_Closure@23@@Z
?attenuation_knobs@LightOp@Image@DD@@QAEXAAVKnob_Closure@23@@Z
?Tooltip@Image@DD@@YAXAAVKnob_Closure@12@PBD@Z
?SetFlags@Image@DD@@YAXAAVKnob_Closure@12@H@Z
?SetRange@Image@DD@@YAXAAVKnob_Closure@12@NN@Z
?color_knobs@LightOp@Image@DD@@QAEXAAVKnob_Closure@23@@Z
?_validate@LightOp@Image@DD@@UAEX_N@Z
?get_L_vector@LightOp@Image@DD@@UBEXAAVLightContext@23@ABVVector3@23@1AAV523@AAM@Z
?_next@ChannelSet@Image@DD@@ABE?AW4Channel@23@W4423@@Z
?_first@ChannelSet@Image@DD@@ABE?AW4Channel@23@XZ
?node_disabled@Op@Image@DD@@QBE_NXZ
?gl_text@@YAXPBD@Z
?print_name_cb@Op@Image@DD@@2P6AXAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBV123@@ZA
?gl_sphere@@YAXM@Z
?icon_size@ViewerContext@Image@DD@@QBEMXZ
??XMatrix4@Image@DD@@QAEAAV012@ABV012@@Z
?glColor@@YAXI@Z
?node_selected@Op@Image@DD@@QBE_NXZ
??1AxisOp@Image@DD@@UAE@XZ
??0LightOp@Image@DD@@QAE@PAVNode@@@Z
?ctor2@Description@Image@DD@@AAEXP6AXPAV123@@Z@Z
?add@Description@Op@Image@DD@@KAXPAV134@@Z
?abi6_2_1@Op@Image@DD@@EAEHXZ
?_invalidate@Op@Image@DD@@MAEXXZ
?_open@Op@Image@DD@@MAEXXZ
?_close@Op@Image@DD@@MAEXXZ
?doAnyHandles@CameraOp@Image@DD@@UAE_NPAVViewerContext@23@@Z
?_fetchMetaData@Op@Image@DD@@UAEABVBundle@MetaData@@PBD@Z
?knob_changed@Op@Image@DD@@UAEHPAVKnob@23@@Z
?memUsage@Op@Image@DD@@UBEIXZ
?build_handles@LightOp@Image@DD@@UAEXPAVViewerContext@23@@Z
?optional_input@Op@Image@DD@@UBEHXZ
?test_input@AxisOp@Image@DD@@UBE_NHPAVOp@23@@Z
?inputs@Op@Image@DD@@UAEXH@Z
?set_input@Op@Image@DD@@UAEXHPAV123@HH@Z
?setOutputContext@Op@Image@DD@@UAEXABVOutputContext@23@@Z
?append@Op@Image@DD@@UAEXAAVHash@23@@Z
?uses_input@Op@Image@DD@@UBEMH@Z
?build_splits@Op@Image@DD@@UAEXXZ
?split_input@Op@Image@DD@@UBEHH@Z
?inputContext@Op@Image@DD@@UBEABVOutputContext@23@HHAAV423@@Z
?inputUIContext@Op@Image@DD@@UBEPBVOutputContext@23@HAAV423@@Z
?default_input@Op@Image@DD@@UBEPAV123@H@Z
?node_shape@AxisOp@Image@DD@@UBEPBDXZ
?input_label@Op@Image@DD@@UBEPBDHPAD@Z
?input_longlabel@Op@Image@DD@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?firstEngineRendersWholeRequest@Op@Image@DD@@UBE_NXZ
?displayName@LightOp@Image@DD@@UBEPBDXZ
?isGuiInteractive@AxisOp@Image@DD@@UBE_NW4Transformation@Axis_KnobI@23@@Z
?print_info@AxisOp@Image@DD@@UBEXAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?projection_knobs@CameraOp@Image@DD@@UAEXAAVKnob_Closure@23@@Z
?lens_knobs@CameraOp@Image@DD@@UAEXAAVKnob_Closure@23@@Z
?lens_function@CameraOp@Image@DD@@UBEP6AXPAVScene@23@PAV123@PAVMatrixArray@23@ABVVArray@23@AAVVector4@23@PAX@ZH@Z
?lensNfunction@CameraOp@Image@DD@@UBEP6AXPAVScene@23@PAV123@PAVMatrixArray@23@PAVVArray@23@HPAX@ZH@Z
?get_shadowing@LightOp@Image@DD@@UAEMABVLightContext@23@ABVVector3@23@AAVPixel@23@@Z
?request@LightOp@Image@DD@@UAEXABVChannelSet@23@H@Z

opengl32

glScalef
glBegin
glVertex3f
glEnd
glRasterPos3f
glLightfv
glLightf
glEnable
glColor3f
glLoadMatrixf

msvcp80

??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??1_Mutex@std@@QAE@XZ
??0_Mutex@std@@QAE@XZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?facet_Register@facet@locale@std@@CAXPAV123@@Z
?_Id_cnt@id@locale@std@@0HA
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?_Locinfo_dtor@_Locinfo@std@@SAXPAV12@@Z
_Getctype
?_Locinfo_ctor@_Locinfo@std@@SAXPAV12@PBD@Z
??_7?$ctype@D@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
_Toupper
_Tolower
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ
?id@?$ctype@D@std@@2V0locale@2@A

msvcr80

_CxxThrowException
??3@YAXPAX@Z
??2@YAPAXI@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
free
??_V@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
??0exception@std@@QAE@ABQBD@Z
memcpy_s
memmove_s
__CxxFrameHandler
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
memset

kernel32

LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
InterlockedExchange
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
GetProcAddress

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a95fcd5efd06c6273220303a8f763da

Headers

File Characteristics

Imports

ddimage

opengl32

msvcp80

msvcr80

kernel32

Sections

.text Size: 80KB - Virtual size: 79KB

.text1 Size: 4KB - Virtual size: 2KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 4KB - Virtual size: 2KB

.data1 Size: 16KB - Virtual size: 15KB

.rsrc Size: 96KB - Virtual size: 93KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 79KB

.text1
Size: 4KB - Virtual size: 2KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 4KB - Virtual size: 2KB

.data1
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 96KB - Virtual size: 93KB

.reloc
Size: 8KB - Virtual size: 7KB