06fe842fd1fd29d252cbaf52b964bcab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06fe842fd1fd29d252cbaf52b964bcab_JaffaCakes118
Size

47KB
MD5

06fe842fd1fd29d252cbaf52b964bcab
SHA1

322555477ab3e01288bfdc23670225fdd05d4009
SHA256

f8eab7c99dac5912e53535a2fb02a769b64e4531132556037502d8dc9ab5e97f
SHA512

e653e8104b62abd57d1f58eb565561e550d2b1f36f7e94214f14245e17021ecca20f2231bc2724145b151e8841d1c3cce61f6caf8924732e8fd967e55d0c80f7
SSDEEP

768:moMJ2y8qxZ1DiNCnIMScMTs0UacbDMa0jgc5xOpua:fM5DvIVTsffbDYLOpv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06fe842fd1fd29d252cbaf52b964bcab_JaffaCakes118

Files

06fe842fd1fd29d252cbaf52b964bcab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

435b5b3e1d4961b0382f19a6e0466cd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\work\miktex-2.5\Programs\MiKTeX\epstopdf\Release\epstopdf.pdb

Imports

miktex-app-1

?OnProgress@Application@App@MiKTeX@@UAG_NV?$EnumWrapper@VNotificationEnum@Packages@MiKTeX@@@Core@3@@Z
?OnRetryableError@Application@App@MiKTeX@@UAG_NPBD@Z
?ReportLine@Application@App@MiKTeX@@UAGXPBD@Z
?InstallPackage@Application@App@MiKTeX@@UAG_NPBD0@Z
?Finalize@Application@App@MiKTeX@@UAGXXZ
?Init@Application@App@MiKTeX@@UAGXABVInitInfo@Session@Core@3@@Z
?Init@Application@App@MiKTeX@@UAGXPBD@Z
??1Application@App@MiKTeX@@UAE@XZ
??0Application@App@MiKTeX@@QAE@XZ

miktex-core-3

??1FileStream@Core@MiKTeX@@QAE@XZ
?Attach@FileStream@Core@MiKTeX@@QAGXPAU_iobuf@@@Z
?Close@FileStream@Core@MiKTeX@@QAGXXZ
?Seek@FileStream@Core@MiKTeX@@QBGXJV?$EnumWrapper@VSeekOriginEnum@Core@MiKTeX@@@23@@Z
?GetPosition@FileStream@Core@MiKTeX@@QBGJXZ
?SetBinary@FileStream@Core@MiKTeX@@QBGXXZ
??0CommandLineBuilder@Core@MiKTeX@@QAE@ABV012@@Z
??0CommandLineBuilder@Core@MiKTeX@@QAE@XZ
?AppendArgument@CommandLineBuilder@Core@MiKTeX@@QAGXPBD@Z
?AppendUnquoted@CommandLineBuilder@Core@MiKTeX@@QAGXPBD@Z
?AppendOption@CommandLineBuilder@Core@MiKTeX@@QAGXPBD0@Z
?Get@CommandLineBuilder@Core@MiKTeX@@QAGPBDXZ
?Open@TraceStream@Core@MiKTeX@@SGPAV123@PBD@Z
?Open@File@Core@MiKTeX@@SGPAU_iobuf@@ABVPathName@23@V?$EnumWrapper@VFileModeEnum@Core@MiKTeX@@@23@V?$EnumWrapper@VFileAccessEnum@Core@MiKTeX@@@23@_N@Z
?Open@File@Core@MiKTeX@@SGPAU_iobuf@@ABVPathName@23@V?$EnumWrapper@VFileModeEnum@Core@MiKTeX@@@23@V?$EnumWrapper@VFileAccessEnum@Core@MiKTeX@@@23@@Z
?SetExtension@PathName@Core@MiKTeX@@QAGAAV123@PBD_N@Z
?AppendDirectoryDelimiter@PathName@Core@MiKTeX@@QAGAAV123@XZ
?AppendString@Utils@Core@MiKTeX@@SGIPADIPBD@Z
?CopyString@Utils@Core@MiKTeX@@SGIPADIPBD@Z
?MakeProgramVersionString@Utils@Core@MiKTeX@@SG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDABUVersionNumber@23@@Z
?PrintException@Utils@Core@MiKTeX@@SGXABVMiKTeXException@23@@Z
?PrintException@Utils@Core@MiKTeX@@SGXABVexception@std@@@Z
?ReadUntilDelim@Utils@Core@MiKTeX@@SG_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HPAU_iobuf@@@Z
?FormatString@Utils@Core@MiKTeX@@SG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDPAD@Z
?Start@Process@Core@MiKTeX@@SGPAV123@ABUProcessStartInfo@23@@Z
??1CommandLineBuilder@Core@MiKTeX@@QAE@XZ

miktex-popt-3

_poptBadOption@8
_poptGetNextOpt@4
poptHelpOptions
_poptFreeContext@4
_poptGetContext@20
_poptGetArgs@4
_poptStrerror@4
_poptGetOptArg@4

msvcp80

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?length@?$char_traits@D@std@@SAIPBD@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?width@ios_base@std@@QAEHH@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
?rend@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIABV12@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IBEPBDXZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?uncaught_exception@std@@YA_NXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

msvcr80

vfprintf
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_CxxThrowException
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
__CxxFrameHandler3
??3@YAXPAX@Z
_stricmp
fputc
sscanf_s
ceil
isspace
strstr
__iob_func
strchr
atoi
_invalid_parameter_noinfo
fprintf

kernel32

IsDebuggerPresent
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

435b5b3e1d4961b0382f19a6e0466cd6

Headers

File Characteristics

PDB Paths

Imports

miktex-app-1

miktex-core-3

miktex-popt-3

msvcp80

msvcr80

kernel32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 21KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 21KB