d3039a30713267d5cc00ba9fb1a81f1c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d3039a30713267d5cc00ba9fb1a81f1c_JaffaCakes118
Size

349KB
MD5

d3039a30713267d5cc00ba9fb1a81f1c
SHA1

befec85bdbaacf4675e82ed39eb8c9d883483262
SHA256

909fae6e9e3b20bc93cbd1e41c79528a294fab1fbb148093dc1dd9315d7617c3
SHA512

d842407f2c73c5723476ba0a45b3733cec9b96afe5dc6ad77bd187fbd30de953f6ae55b1640ddda7094e97bcc7ef8bc6524c044570f9ec103853332109149933
SSDEEP

6144:a4PpNlgzsInBOuG3nO2YHTh/WvTonnFzFhm40wjiaBqbTdEOYZayD6N+eAvNpXiv:aenlgzsIgJu9/WvqFpL+bgRtsrtu4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3039a30713267d5cc00ba9fb1a81f1c_JaffaCakes118

Files

d3039a30713267d5cc00ba9fb1a81f1c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fa89d4e64cd9819590ac1a5d3fcb10dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\My Documents\VBCode\神鬼传奇\jacky_2_Root\Debug\Root.pdb

Imports

kernel32

GetModuleFileNameA
CloseHandle
VirtualProtectEx
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetCurrentProcessId
Sleep
OpenMutexA
WaitForSingleObject
CreateProcessA
GetPrivateProfileStringA
GetSystemDirectoryA
WritePrivateProfileStringA
CompareStringW
CompareStringA
GetLocaleInfoW
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
LCMapStringW
LCMapStringA
SetStdHandle
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
ResumeThread
SetThreadContext
FlushInstructionCache
GetThreadContext
SuspendThread
CreateProcessW
GetLastError
CreateThread
GetCurrentThreadId
ExitThread
GetCommandLineA
GetVersionExA
DebugBreak
RaiseException
TerminateProcess
ExitProcess
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetLastError
GetCurrentThread
UnhandledExceptionFilter
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
GetProcessHeap
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
VirtualQuery
InterlockedExchange
HeapReAlloc
VirtualAlloc
SetFilePointer
SetConsoleCtrlHandler
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetTimeFormatA
GetDateFormatA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
SetEnvironmentVariableA

user32

CharLowerA
SetTimer
GetClientRect
SetForegroundWindow
SetActiveWindow
SendMessageA
FindWindowExA
GetWindowTextA
ShowWindow
IsWindowVisible
GetDesktopWindow
GetWindow
GetWindowThreadProcessId
GetClassNameA

Sections

.textbss
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v-lizer
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa89d4e64cd9819590ac1a5d3fcb10dc

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.textbss Size: - Virtual size: 72KB

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 3KB

.v-lizer Size: 145KB - Virtual size: 145KB

.textbss
Size: - Virtual size: 72KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 3KB

.v-lizer
Size: 145KB - Virtual size: 145KB