fe8218a0cf8752c554690138a30b8348_JaffaCakes118

General

Target

fe8218a0cf8752c554690138a30b8348_JaffaCakes118
Size

228KB
MD5

fe8218a0cf8752c554690138a30b8348
SHA1

e9cc126c9f689d911e9d496f964611fe597ed645
SHA256

b075315db8ae9e1a04f377c75692bba32c01df0d17e29a599e7f30d2f7a70314
SHA512

b5575fc3f7bb48e1755042dc5e2164a72a27da2d1079ad58f4b38411965e7f0dc0117b076092e5ba6aa1bf9159df5ee7da8af9471e0ff5de6719c1e26dbfa0cf
SSDEEP

3072:wqAAg/DPFWN0q9z5yq7oKuQM4+YgA+bDItFZxZkO5k1esj3mCJI6TVVmZDiRru:wvFWN0kz5yq7beYgFbEtpZkNpj3monN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe8218a0cf8752c554690138a30b8348_JaffaCakes118

Files

fe8218a0cf8752c554690138a30b8348_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1df8b6228c1ecbac9cedd9785f189ef0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
CloseHandle
WriteFile
GetProcAddress
GetLocalTime
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateFileA
DisableThreadLibraryCalls

user32

wsprintfA

vcore

_GetAtomInt@8
DelayCommand
DelayCommandEx
_CasinoFrameHandle@0
_ReadPackageInt@16
_SpritePlayToFrame@12
GetSpriteObjectByTag
_SpriteFade@16
_SpriteBlink@20
_GetAtomObject@16
_SetShadedReelBkImage@8
_ReadPackageIntMulti@20
_ReadPackageString@24
_InfoBarFlushMessages@0
_InfoBarGroupMessage@12
_InfoBarScrollMessage@16
_SetActiveScene@8
_StateChange@8
SetModuleState
LogMessageA
_FindAtomID@8
_NameOfAtom@8
_GetAtom@8
_UnlockEvent@8
_GetScriptObject@12
_SpriteSetFrame@8
_SetAtomInt@12
GetCurrentModule

msvcrt

_strcmpi
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_mbsicmp
sprintf
time
srand
rand
memmove
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
_purecall

Exports

Exports

_DllCreatePlugin@12

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1df8b6228c1ecbac9cedd9785f189ef0

Headers

File Characteristics

Imports

kernel32

user32

vcore

msvcrt

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 8KB - Virtual size: 5KB