dc401cc9d2680ec575947af57e827766_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc401cc9d2680ec575947af57e827766_JaffaCakes118
Size

10KB
MD5

dc401cc9d2680ec575947af57e827766
SHA1

1a0e71ff5c01101f3ddb9360f8f556e8f12cf40b
SHA256

c565620b1d63378242587e05213032fee97b15fd821148772aace3af5b5cde41
SHA512

9fe521b49a23db7d5f07a4e91bfaae40523d2fdba8cb1324c5d660d52f56a96375c47ac3179315e44cb3a5a300784009db05866bbb5d79555e9e55c87d873e4c
SSDEEP

192:Fw8dHabRDEgtHyl0NSypWak6HVdW3yWak8QjdW3w9wv:ndHad/N20IypWak8dWiWak8EdWN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc401cc9d2680ec575947af57e827766_JaffaCakes118

Files

dc401cc9d2680ec575947af57e827766_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ca9067d44c94cd8b6f01ab628299122b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3d8thk.pdb

Imports

gdi32

DdEntry1
DdEntry2
DdEntry3
DdEntry5
DdEntry4
DdEntry7
DdEntry8
DdEntry9
DdEntry10
DdEntry11
DdEntry13
DdEntry12
DdEntry14
DdEntry17
DdEntry15
DdEntry18
DdEntry16
DdEntry50
DdEntry19
DdEntry20
DdEntry21
DdEntry24
DdEntry22
DdEntry23
DdEntry25
DdEntry26
DdEntry27
DdEntry28
DdEntry29
DdEntry30
DdEntry31
DdEntry6
DdEntry32
DdEntry33
DdEntry34
DdEntry35
DdEntry37
DdEntry36
DdEntry38
DdEntry39
DdEntry40
DdEntry41
DdEntry42
DdEntry43
DdEntry44
DdEntry45
DdEntry46
DdEntry47
DdEntry48
DdEntry49
DdEntry51
DdEntry52
DdEntry53
DdEntry54
DdEntry55
DdEntry56

msvcrt

_adjust_fdiv
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

OsThunkD3dContextCreate
OsThunkD3dContextDestroy
OsThunkD3dContextDestroyAll
OsThunkD3dDrawPrimitives2
OsThunkD3dValidateTextureStageState
OsThunkDdAddAttachedSurface
OsThunkDdAlphaBlt
OsThunkDdAttachSurface
OsThunkDdBeginMoCompFrame
OsThunkDdBlt
OsThunkDdCanCreateD3DBuffer
OsThunkDdCanCreateSurface
OsThunkDdColorControl
OsThunkDdCreateD3DBuffer
OsThunkDdCreateDirectDrawObject
OsThunkDdCreateMoComp
OsThunkDdCreateSurface
OsThunkDdCreateSurfaceEx
OsThunkDdCreateSurfaceObject
OsThunkDdDeleteDirectDrawObject
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroyD3DBuffer
OsThunkDdDestroyMoComp
OsThunkDdDestroySurface
OsThunkDdEndMoCompFrame
OsThunkDdFlip
OsThunkDdFlipToGDISurface
OsThunkDdGetAvailDriverMemory
OsThunkDdGetBltStatus
OsThunkDdGetDC
OsThunkDdGetDriverInfo
OsThunkDdGetDriverState
OsThunkDdGetDxHandle
OsThunkDdGetFlipStatus
OsThunkDdGetInternalMoCompInfo
OsThunkDdGetMoCompBuffInfo
OsThunkDdGetMoCompFormats
OsThunkDdGetMoCompGuids
OsThunkDdGetScanLine
OsThunkDdLock
OsThunkDdLockD3D
OsThunkDdQueryDirectDrawObject
OsThunkDdQueryMoCompStatus
OsThunkDdReenableDirectDrawObject
OsThunkDdReleaseDC
OsThunkDdRenderMoComp
OsThunkDdResetVisrgn
OsThunkDdSetColorKey
OsThunkDdSetExclusiveMode
OsThunkDdSetGammaRamp
OsThunkDdSetOverlayPosition
OsThunkDdUnattachSurface
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdUpdateOverlay
OsThunkDdWaitForVerticalBlank

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rocr
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ca9067d44c94cd8b6f01ab628299122b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.rocr Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.rocr
Size: 2KB - Virtual size: 4KB