2a28b0807ceec52e8d1203e2a51ff45c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a28b0807ceec52e8d1203e2a51ff45c_JaffaCakes118
Size

88KB
MD5

2a28b0807ceec52e8d1203e2a51ff45c
SHA1

42eb4f4644843d0082547c064b89d301ad54b6a0
SHA256

587c422be2ac2c9974497ba9949af11c1610b0c2c499c0a9bacf7f62950c28aa
SHA512

182a3c565270f6a44cda22250b94d02a671539bc47a18742cb0dc77e3c924ef9fcea4919216323b6b508e76d13836430c0e30bd611850a6218e124efeff5afda
SSDEEP

1536:a2bV7u0HUD4KxKxhBsFxb+Ig8wqQdLewC9yTnuESdHA7D3qGeSXhPKy15Eat:/UFRg8wKwC9yTnNQHA7rqXQoy1yU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a28b0807ceec52e8d1203e2a51ff45c_JaffaCakes118

Files

2a28b0807ceec52e8d1203e2a51ff45c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dda3faa338f1e2376135a8b532a64cc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

earcalib

eail_MakeArcInfoCoverageName
anameC
cexist_
aexist_
infpthC
infexf_
stalog_
eail_EsriAIArgExe
endlog_
eail_ArcInfoCloseNT
dirlst_
infrnf_
ccopy_
eail_CheckArcPath
eail_ArcInfoInitNT

elib

esmg_ApplicationInit
esmg_ComLineArgsGet
esmg_ProcessInit
emet_MeterInfoCreate
efio_Sprintf
emet_MeterInfoChangeTaskName
estr_GetPathPart
estr_GetNamePart
efio_MakeDir
emet_MeterInfoDelete
efio_Printf
esmg_LogMessage
emet_MeterInfoPrint
estr_Sprintf
estr_Eqic
efio_IsDirectory
efio_FileCopy
efio_DirectoryRemoveRecursive
estr_StringToStringList
eerr_CreateErrorReport
esec_CheckSecurity
estr_StringCopy
emsc_HeapFree
estr_UpperCase
emsc_HeapMalloc
estr_Duplicate
eint_InitToolkit
eerr_PrintErrorReport
esmg_ProcessExit
earg_DoArgs
eerr_DeleteErrorReportEx
efio_TempName
esmg_OSVersionCheck

emllib

eeml_FrameRemove
eeml_PartFind
eeml_Init
eeml_ParseVa
eeml_DisplayFrame
eeml_GetNextCommand
eeml_FreeCommand

msvcr71

_controlfp
_onexit
strcmp
strlen
strncpy
strcpy
memcpy
_iob
atoi
_c_exit
_exit
_XcptFilter
_ismbblead
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
__dllonexit

kernel32

GetStartupInfoA
GetModuleHandleA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dda3faa338f1e2376135a8b532a64cc0

Headers

File Characteristics

Imports

earcalib

elib

emllib

msvcr71

kernel32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 256B

.rsrc Size: 74KB - Virtual size: 76KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 256B

.rsrc
Size: 74KB - Virtual size: 76KB