fa66f42ace845023011e0093b0ee4879_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa66f42ace845023011e0093b0ee4879_JaffaCakes118
Size

280KB
MD5

fa66f42ace845023011e0093b0ee4879
SHA1

afb72e8b3a5830c6f7adf8a9388920ea7400aa5c
SHA256

bab04099cd54843d5665d3049e95361d37049486013d427e589af3abbb97bad4
SHA512

5d919d0a259f15abc2630371357d74fb83eed6b7231bd7bd456a945d572c360cf991c6c5b67d4cec9e07b7099e7fd638b9778fdc383ca1ac11c4320189c97390
SSDEEP

6144:RYHmraNdmcFNWIOjM1h2WyrgfrawJoDjWvmD28iaNV35YZhX3E:RfeNEYHryrurawJoD8c28iaLpY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa66f42ace845023011e0093b0ee4879_JaffaCakes118

Files

fa66f42ace845023011e0093b0ee4879_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e82fbfde8b3eb45c5dc29b96a0c74887

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Hedghog_SVN\HedgehogModules\trunk\SDATools\lib\SDATools.pdb

Imports

sdauthor

DVDVideo_SetTemporaryDir
DVDVideo_SetOuputDir
DVDVideo_CreateGenerator
DVDVideo_AddContent_PS
DVDVideo_AddContent_ES
DVDVideo_SetMenuTemplate
DVDVideo_RemoveAllContents
DVDVideo_SetMediumType
DVDVideo_SetCallback
DVDVideo_GetProgress
DVDVideo_Abort
DVDVideo_DestroyGenerator
DVDVideo_SetFirstPlay
DVDVideo_Generate

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
CopyFileW
GetSystemInfo
CreateFileW
GetLastError
InterlockedIncrement
InterlockedDecrement
FindClose
FindFirstFileW
CreateDirectoryW
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetWaitableTimer
GetSystemTimeAsFileTime
CreateWaitableTimerW
CloseHandle
WaitForSingleObject
SetEvent
GetCurrentThreadId
DeleteCriticalSection
CreateEventW
ReadFile
GetFileSizeEx

user32

PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW

msvcp80

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

msvcr80

_lock
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_CxxThrowException
??3@YAXPAX@Z
__CxxFrameHandler3
_invalid_parameter_noinfo
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
memmove_s
_purecall
??8type_info@@QBE_NABV0@@Z
??_V@YAXPAX@Z
_beginthreadex
swprintf_s
_unlock
__dllonexit
_encode_pointer
_initterm_e
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
free
_encoded_null
_initterm
__clean_type_info_names_internal

Exports

Exports

VaButtonSetAdjacent
VaButtonSetLink
VaChapterGetTime
VaCreateProject
VaGetResultString
VaHandleGetProperty
VaHandleSetProperty
VaInit
VaMenuCreateButton
VaMenuGetButton
VaMenuGetButtonCount
VaMenuSetBackground
VaMenuSetColorset
VaMenuSetDefaultSelect
VaMenuSetSubpicture
VaProgramSetPostLink
VaProgramSetRootLink
VaProjectAddFile
VaProjectBuildFolderImage
VaProjectClose
VaProjectCreateMenu
VaProjectCreateTitle
VaProjectGetMenu
VaProjectGetMenuCount
VaProjectGetTitle
VaProjectGetTitleCount
VaProjectImportAudio
VaProjectImportMpeg
VaProjectImportSubPicture
VaProjectImportVideo
VaProjectImportVideoEx
VaProjectSetFirstPlay
VaProjectSetProgressProc
VaProjectSetRootLink
VaProjectSetTitleLink
VaTitleAddChapter
VaTitleCreateTrack
VaTitleGetChapter
VaTitleGetChapterCount
VaTitleGetDuration
VaTitleGetTrack
VaTitleSeamyBreak
VaTrackAppendStream
VaTrackGetDuration
VaUninit

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e82fbfde8b3eb45c5dc29b96a0c74887

Headers

File Characteristics

PDB Paths

Imports

sdauthor

kernel32

user32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 172KB - Virtual size: 170KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 172KB - Virtual size: 170KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB