28491008036754043cbfdcc0fa99dfdc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28491008036754043cbfdcc0fa99dfdc_JaffaCakes118
Size

39KB
MD5

28491008036754043cbfdcc0fa99dfdc
SHA1

78aa39ae611965c9670f20b2306d47248e4eacd7
SHA256

f16915e15b5d6c57a3dc89618318402ea16206e533939290122f07a4597d8324
SHA512

3858302f660c76261ef90998e0841c1d96c02526c2ff5513bf0dccd049edb7ec05ceafe117b1bab9d118682f5bc5f76f324aa84a757a209808f6d07d3717131a
SSDEEP

768:PJg2pHzQ0HgE9bWtUQ/+4OZKkiegVAS2kna72cY7I0l+uPrKI+9y4dXqcHR8Pe:PJfQ0HgEV+f+40Kkie02kna72cIDjKfJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28491008036754043cbfdcc0fa99dfdc_JaffaCakes118

Files

28491008036754043cbfdcc0fa99dfdc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f26423a3525c053c2d840eb18d58d8af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Gamer\Desktop\Emo'By Coded-Rafa\Release\original.pdb

Imports

kernel32

Sleep
DisableThreadLibraryCalls
GetModuleHandleA
CreateThread
IsBadReadPtr
IsProcessorFeaturePresent
VirtualProtect
FlushInstructionCache
SetLastError
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange

user32

GetSystemMetrics
GetCursorPos
GetAsyncKeyState
SetRect

d3dx9_43

D3DXCreateFontA
D3DXCreateLine

msvcr90

_decode_pointer
_initterm
_initterm_e
_encoded_null
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
free
_malloc_crt
_encode_pointer
clock
vsprintf_s
malloc
??_U@YAPAXI@Z
sprintf
system
memcpy
__CxxFrameHandler3
_CIsqrt
_CIsin
_CIcos
_amsg_exit
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_CIatan2

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26423a3525c053c2d840eb18d58d8af

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

d3dx9_43

msvcr90

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 40KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 40KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 3KB - Virtual size: 3KB