JaffaCakes118_6de934aad6628ea7c91d5373ece05bf0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6de934aad6628ea7c91d5373ece05bf0
Size

220KB
MD5

6de934aad6628ea7c91d5373ece05bf0
SHA1

21baf31a6ff4f79e2f2d700d8763dd1b636615f5
SHA256

d07549e8725e71353a99ac2ac9f0bddde94bbadc33af72999adaba5a11804d4c
SHA512

e04d807885418e1c2bce6561713ea5d2cff08b3d7389a87d010f80f18f2396693ae7ca57f845ea0b52793d07ba51e0077f8318f84c9ae23697a5b446d639b5f0
SSDEEP

3072:VARLoeA9vRWlt0ls+kenQgKVMmDaWoOCBbI2JSeM3jiMyYyBmbr:ELqk1tJVjDfaBE2JSeMTiMMYbr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6de934aad6628ea7c91d5373ece05bf0

Files

JaffaCakes118_6de934aad6628ea7c91d5373ece05bf0
.dll windows:4 windows x86 arch:x86

73165a20c4d65261966379e0c968391c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\MegaDev-Work\MD-Trainers\MegaTrainer eXperience\MT-X-DLL\Shogun2TW_1_1_0b3891dlc\Release\Shogun2TW_1_1_0b3891dlc.pdb

Imports

kernel32

CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
WriteProcessMemory
ReadProcessMemory
Module32Next
Module32First
VirtualProtectEx
GetSystemInfo
VirtualProtect
GetStringTypeW
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
GetProcAddress
GetModuleHandleA
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetLocaleInfoA
GetStringTypeA

user32

DestroyWindow
SendMessageA
RedrawWindow
FindWindowA
GetWindowThreadProcessId
CloseWindow

Exports

Exports

Shogun2TW_V1_1_0b3891dlc

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73165a20c4d65261966379e0c968391c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 4KB

.text Size: 156KB - Virtual size: 156KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 156KB - Virtual size: 156KB