14f5ae70248d1b95817330e3d2184bdf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14f5ae70248d1b95817330e3d2184bdf_JaffaCakes118
Size

28KB
MD5

14f5ae70248d1b95817330e3d2184bdf
SHA1

257eaf3f2dee89122fe9e8393a9fd54634b31380
SHA256

89dd0224e33f0b8e8962419f0be95c2a38de6c8cfe5254f4348aba80a6b8d122
SHA512

3ebc34bf22d7a714ac42c45f0e6aa2dd579190e8c704e58e6d3541d1d05fb3745796b89fe84300258d4a66b09b750aa8442c51f608d2eab028d1f723e0a9250a
SSDEEP

384:G7n1aXkdDS++u+yle7Dy/XsJi/Q1Qh0laHF5vi9iNRhv2MRSS:39a4a7+lal5vi9i7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f5ae70248d1b95817330e3d2184bdf_JaffaCakes118

Files

14f5ae70248d1b95817330e3d2184bdf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cee549eea7a1787ae5afc73c50ebe69c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libbasbd

??1BDD_MANAGER@@QAE@XZ
?fstmem@BOOL_TNODE@@0PAVUT_FASTMEM@@A
?countsuppt@BOOL_FUNC@@AAEGXZ
??0BOOL_TNODE@@QAE@D@Z
?copyfunc@BOOL_FUNC@@QAEXPAV1@@Z
??0BOOL_TNODE@@QAE@DPAVTECHMAP_SIG@@@Z
??0BOOL_TNODE@@QAE@DPAV0@E0E@Z
??0BDD_MANAGER@@QAE@W4BDD_STORE_METHOD@@GQAPAVTECHMAP_SIG@@@Z
??0BDD_FUNC@@QAE@GPAVBOOL_FUNC@@PAVBDD_MANAGER@@PAG@Z
?printbddexpr@BDD_FUNC@@QAEXQAD0@Z
??1BOOL_FUNC@@QAE@XZ
??0BOOL_FUNC@@QAE@XZ

libbasnu

?nu_create_picspec@@YAPAVPM_PIC@@PAVNG_OBJECT@@E@Z

libbasng

?create_liblink_iter@NG_LIBRARY@@QAEXAAPAVBLIST_ITER_NG_LIBLINK@@@Z
?get_name@NG_OBJECT@@QAEPADXZ
?find_prop@NG_OBJECT@@QAEPAVNG_PROPERTY@@PBD@Z

libbasca

?cae_appname@@3PADA

libbaspm

?kill@PM_PIC_HDL@@AAEXXZ
?get_ventrypoint@PM_DLM@@QAEP6APAXXZPBDPAVPM_DEVKEY@@@Z
?kill@PM_SPEC_HDL@@AAEXXZ
?empty@PM_PIC_HDL@@QAEXXZ
??0PM_DLM@@QAE@VPM_PIC_HDL@@@Z
??0PM_PIC_HDL@@QAE@PBVPM_PIC@@@Z

libbasut

?a_bsearch@UT_BASE_ARRAY@@MAEJPBXP6AH00@Z@Z
?a_resetnum@UT_BASE_ARRAY@@MAEXJ@Z
?ut_stricmp@@YAHPBD0@Z
?getnewptr@UT_FASTMEM@@QAEPAXXZ
?getaddr@UT_BARRAY@@UAEPAXJ@Z
?ut_strdup@@YAPADPBD@Z
?neoform@@YAPADPBDZZ
?ut_strdecode@@YAPADPAD@Z
?l_next@UT_BLIST_ITER@@QAEPAXXZ
?ut_strlwr@@YAXPAD@Z
??1UT_BLIST_ITER@@QAE@XZ
??3UT_BLIST_ITER@@SAXPAX@Z
?a_sortadd@UT_BASE_ARRAY@@MAEXPBXP6AH00@Z@Z
?ut_msgman@@3PAVUT_MSGMAN@@A
??1UT_BARRAY@@UAE@XZ
??0UT_BARRAY@@QAE@PAPAPAXHHE@Z
?clearmem@UT_BASE_ARRAY@@MAEXPAXI@Z
?qsort@UT_BASE_ARRAY@@MAEXJJP6AHPBX0@Z@Z
?a_shift@UT_BASE_ARRAY@@MAEXJH@Z
?a_sortuadd@UT_BASE_ARRAY@@MAEJPBXP6AH00@ZPAE@Z
?intgetindex@UT_BARRAY@@MBEJPAX@Z
?a_makearray@UT_BASE_ARRAY@@MBEPAXXZ
?a_sort@UT_BASE_ARRAY@@MAEXP6AHPBX0@ZJJ@Z

msvcirt

?cout@@3Vostream_withassign@@A
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@G@Z

msvcrt

_initterm
strncmp
_onexit
??3@YAXPAX@Z
__dllonexit
_purecall
exit
??2@YAPAXI@Z
_adjust_fdiv
malloc
isalpha
free
getenv
isspace
isalnum
strchr

kernel32

DisableThreadLibraryCalls

Exports

Exports

??0ML_PARSE@@QAE@PAVBOOL_FUNC@@@Z
??0ML_PARSE@@QAE@PAVBOOL_FUNC@@GQAPBD@Z
??1ML_PARSE@@QAE@XZ
?libbddmgr@@3PAVBDD_MANAGER@@A
?parsecomplement@ML_PARSE@@QAEEAAPADE@Z
?parsepredicate@ML_PARSE@@QAEPADPADQAPAVTECHMAP_SIG@@EAAHPAVML_MACRO@@@Z

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cee549eea7a1787ae5afc73c50ebe69c

Headers

File Characteristics

Imports

libbasbd

libbasnu

libbasng

libbasca

libbaspm

libbasut

msvcirt

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB