49cf2d8d3519f74410a1946e53648b90_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

49cf2d8d3519f74410a1946e53648b90_JaffaCakes118
Size

44KB
MD5

49cf2d8d3519f74410a1946e53648b90
SHA1

da7a69034dae768e4adda1345eff49ff09a2402b
SHA256

abc6ec8048baa4570ed738f82043a1b9745563f7b6bcafe8b068d77c7cdcad33
SHA512

0f82c5edccf549d5249ff758c149531c83bd6d28664bc699f57ef729502a8c4845da64a6f713e51bced0985559fe85c0d9277d40d454a6090199b2958b954700
SSDEEP

768:1gftp/Y3K1FlZiP/qnsTEtKn0JV//JurQ9:Utp//Js/qn5tKn0JVJur

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49cf2d8d3519f74410a1946e53648b90_JaffaCakes118

Files

49cf2d8d3519f74410a1946e53648b90_JaffaCakes118
.dll windows:4 windows x86 arch:x86

19f792c92ff4724420ae0b33f78526e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

vcl60.bpl

@Consts@initialization$qqrv
@Consts@Finalization$qqrv
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
@Printers@initialization$qqrv
@Printers@Finalization$qqrv
@Stdctrls@initialization$qqrv
@Stdctrls@Finalization$qqrv
@Extctrls@initialization$qqrv
@Extctrls@Finalization$qqrv
@Dialogs@initialization$qqrv
@Dialogs@Finalization$qqrv
@Clipbrd@initialization$qqrv
@Clipbrd@Finalization$qqrv
@Stdactns@initialization$qqrv
@Stdactns@Finalization$qqrv
@Winhelpviewer@initialization$qqrv
@Winhelpviewer@Finalization$qqrv
@Actnlist@initialization$qqrv
@Actnlist@Finalization$qqrv
@Forms@initialization$qqrv
@Forms@Finalization$qqrv
@Imglist@initialization$qqrv
@Imglist@Finalization$qqrv
@Menus@initialization$qqrv
@Menus@Finalization$qqrv
@Controls@initialization$qqrv
@Controls@Finalization$qqrv
@Buttons@initialization$qqrv
@Buttons@Finalization$qqrv
@Toolwin@initialization$qqrv
@Toolwin@Finalization$qqrv
@Comstrs@initialization$qqrv
@Comstrs@Finalization$qqrv
@Extdlgs@initialization$qqrv
@Extdlgs@Finalization$qqrv
@Extactns@initialization$qqrv
@Extactns@Finalization$qqrv
@Listactns@initialization$qqrv
@Listactns@Finalization$qqrv
@Comctrls@initialization$qqrv
@Comctrls@Finalization$qqrv
@Mask@initialization$qqrv
@Mask@Finalization$qqrv
@Grids@initialization$qqrv
@Grids@Finalization$qqrv
@Oleconst@initialization$qqrv
@Oleconst@Finalization$qqrv
@Axctrls@initialization$qqrv
@Axctrls@Finalization$qqrv
@Olectrls@initialization$qqrv
@Olectrls@Finalization$qqrv

rtl60.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@UnregisterModule$qqrp17System@TLibModule
@System@RegisterModule$qqrp17System@TLibModule
@System@FindHInstance$qqrpv
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrAsg$qqrpvpxv
@System@@LStrClr$qqrpv
@System@@HandleFinally$qqrv
@System@TObject@$bdtr$qqrv
@System@IsMemoryManagerSet$qqrv
@System@SetMemoryManager$qqrrx21System@TMemoryManager
@System@IsMultiThread
@System@IsConsole
@System@ExitProc
@System@CmdLine
@System@IsLibrary
@System@MainInstance
@Types@initialization$qqrv
@Types@Finalization$qqrv
@Sysconst@initialization$qqrv
@Sysconst@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Rtlconsts@initialization$qqrv
@Rtlconsts@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Typinfo@DotSep
@Typinfo@BooleanIdents
@Activex@initialization$qqrv
@Activex@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TComponent@$bdtr$qqrv
@Classes@TPersistent@$bdtr$qqrv
@Comconst@initialization$qqrv
@Comconst@Finalization$qqrv
@Comobj@initialization$qqrv
@Comobj@Finalization$qqrv
@Math@initialization$qqrv
@Math@Finalization$qqrv
@Contnrs@initialization$qqrv
@Contnrs@Finalization$qqrv
@Dateutils@initialization$qqrv
@Dateutils@Finalization$qqrv
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Stdvcl@initialization$qqrv
@Stdvcl@Finalization$qqrv
@Strutils@initialization$qqrv
@Strutils@Finalization$qqrv
@Maskutils@initialization$qqrv
@Maskutils@Finalization$qqrv
@Helpintfs@initialization$qqrv
@Helpintfs@Finalization$qqrv
@Flatsb@initialization$qqrv
@Flatsb@Finalization$qqrv
@Mapi@initialization$qqrv
@Mapi@Finalization$qqrv
@Multimon@initialization$qqrv
@Multimon@Finalization$qqrv

dbrtl60.bpl

@Dbconsts@initialization$qqrv
@Dbconsts@Finalization$qqrv
@Sqltimst@initialization$qqrv
@Sqltimst@Finalization$qqrv
@Fmtbcd@initialization$qqrv
@Fmtbcd@Finalization$qqrv
@Db@initialization$qqrv
@Db@Finalization$qqrv
@Dbcommon@initialization$qqrv
@Dbcommon@Finalization$qqrv

vclx60.bpl

@Filectrl@initialization$qqrv
@Filectrl@Finalization$qqrv
@Checklst@initialization$qqrv
@Checklst@Finalization$qqrv

bdertl60.bpl

@Bde@initialization$qqrv
@Bde@Finalization$qqrv
@Smintf@initialization$qqrv
@Smintf@Finalization$qqrv
@Bdeconst@initialization$qqrv
@Bdeconst@Finalization$qqrv
@Dbtables@initialization$qqrv
@Dbtables@Finalization$qqrv

qrpt60.bpl

@Qr3const@initialization$qqrv
@Qr3const@Finalization$qqrv
@Qrprgres@initialization$qqrv
@Qrprgres@Finalization$qqrv
@Qrexpr@initialization$qqrv
@Qrexpr@Finalization$qqrv
@Qrlabled@initialization$qqrv
@Qrlabled@Finalization$qqrv
@Qrexpred@initialization$qqrv
@Qrexpred@Finalization$qqrv
@Qrctrls@initialization$qqrv
@Qrctrls@Finalization$qqrv
@Qrprnsu@initialization$qqrv
@Qrprnsu@Finalization$qqrv
@Qrabout@initialization$qqrv
@Qrabout@Finalization$qqrv
@Qrcomped@initialization$qqrv
@Qrcomped@Finalization$qqrv
@Qrenved@initialization$qqrv
@Qrenved@Finalization$qqrv
@Qrexpbld@initialization$qqrv
@Qrexpbld@Finalization$qqrv
@Quickrpt@initialization$qqrv
@Quickrpt@Finalization$qqrv
@Qrprev@initialization$qqrv
@Qrprev@Finalization$qqrv
@Qrprntr@initialization$qqrv
@Qrprntr@Finalization$qqrv
@Qrextra@initialization$qqrv
@Qrextra@Finalization$qqrv

tee5c6.bpl

@Teetranslate@Finalization$qqrv
@Teetranslate@initialization$qqrv
@Bubblech@Finalization$qqrv
@Bubblech@initialization$qqrv
@Chart@Finalization$qqrv
@Chart@initialization$qqrv
@Ganttch@Finalization$qqrv
@Ganttch@initialization$qqrv
@Series@Finalization$qqrv
@Series@initialization$qqrv
@Tecanvas@Finalization$qqrv
@Tecanvas@initialization$qqrv
@Teeabout@Finalization$qqrv
@Teeabout@initialization$qqrv
@Teeconst@Finalization$qqrv
@Teeconst@initialization$qqrv
@Teefunci@Finalization$qqrv
@Teefunci@initialization$qqrv
@Teengine@Finalization$qqrv
@Teengine@initialization$qqrv
@Teeprocs@Finalization$qqrv
@Teeprocs@initialization$qqrv
@Teeshape@Finalization$qqrv
@Teeshape@initialization$qqrv
@Teestore@Finalization$qqrv
@Teestore@initialization$qqrv
@Arrowcha@Finalization$qqrv
@Arrowcha@initialization$qqrv

teeui5c6.bpl

@Teecirclededit@Finalization$qqrv
@Teecirclededit@initialization$qqrv
@Teeareaedit@Finalization$qqrv
@Teeareaedit@initialization$qqrv
@Teearrowedi@Finalization$qqrv
@Teearrowedi@initialization$qqrv
@Teeaxisincr@Finalization$qqrv
@Teeaxisincr@initialization$qqrv
@Teeaxmaxmin@Finalization$qqrv
@Teeaxmaxmin@initialization$qqrv
@Teebaredit@Finalization$qqrv
@Teebaredit@initialization$qqrv
@Teebmpoptions@Finalization$qqrv
@Teebmpoptions@initialization$qqrv
@Teebrushdlg@Finalization$qqrv
@Teebrushdlg@initialization$qqrv
@Teechartgrid@Finalization$qqrv
@Teechartgrid@initialization$qqrv
@Editchar@Finalization$qqrv
@Editchar@initialization$qqrv
@Teexport@Finalization$qqrv
@Teexport@initialization$qqrv
@Teecustomshapeeditor@Finalization$qqrv
@Teecustomshapeeditor@initialization$qqrv
@Teeedi3d@Finalization$qqrv
@Teeedi3d@initialization$qqrv
@Teeediaxis@Finalization$qqrv
@Teeediaxis@initialization$qqrv
@Teeedifont@Finalization$qqrv
@Teeedifont@initialization$qqrv
@Teeedigene@Finalization$qqrv
@Teeedigene@initialization$qqrv
@Teeedigrad@Finalization$qqrv
@Teeedigrad@initialization$qqrv
@Teeedilege@Finalization$qqrv
@Teeedilege@initialization$qqrv
@Teeedipage@Finalization$qqrv
@Teeedipage@initialization$qqrv
@Teeedipane@Finalization$qqrv
@Teeedipane@initialization$qqrv
@Teeediperi@Finalization$qqrv
@Teeediperi@initialization$qqrv
@Teeediseri@Finalization$qqrv
@Teeediseri@initialization$qqrv
@Teeeditcha@Finalization$qqrv
@Teeeditcha@initialization$qqrv
@Teeedititl@Finalization$qqrv
@Teeedititl@initialization$qqrv
@Teeedittools@Finalization$qqrv
@Teeedittools@initialization$qqrv
@Teeediwall@Finalization$qqrv
@Teeediwall@initialization$qqrv
@Teeemfoptions@Finalization$qqrv
@Teeemfoptions@initialization$qqrv
@Teeflineedi@Finalization$qqrv
@Teeflineedi@initialization$qqrv
@Teefuncedit@Finalization$qqrv
@Teefuncedit@initialization$qqrv
@Teegallerypanel@Finalization$qqrv
@Teegallerypanel@initialization$qqrv
@Teegally@Finalization$qqrv
@Teegally@initialization$qqrv
@Teeganttedi@Finalization$qqrv
@Teeganttedi@initialization$qqrv
@Teelisb@Finalization$qqrv
@Teelisb@initialization$qqrv
@Teenavigator@Finalization$qqrv
@Teenavigator@initialization$qqrv
@Teependlg@Finalization$qqrv
@Teependlg@initialization$qqrv
@Teepieedit@Finalization$qqrv
@Teepieedit@initialization$qqrv
@Teepoedi@Finalization$qqrv
@Teepoedi@initialization$qqrv
@Teeprevi@Finalization$qqrv
@Teeprevi@initialization$qqrv
@Teepreviewpanel@Finalization$qqrv
@Teepreviewpanel@initialization$qqrv
@Teeselectlist@Finalization$qqrv
@Teeselectlist@initialization$qqrv
@Teeshapeedi@Finalization$qqrv
@Teeshapeedi@initialization$qqrv
@Teesourceedit@Finalization$qqrv
@Teesourceedit@initialization$qqrv
@Teestackbaredit@Finalization$qqrv
@Teestackbaredit@initialization$qqrv
@Teetoolsgallery@Finalization$qqrv
@Teetoolsgallery@initialization$qqrv
@Teecustedit@Finalization$qqrv
@Teecustedit@initialization$qqrv
@Teeexport@Finalization$qqrv
@Teeexport@initialization$qqrv

teepro5c6.bpl

@Candlech@Finalization$qqrv
@Candlech@initialization$qqrv
@Ohlchart@Finalization$qqrv
@Ohlchart@initialization$qqrv
@Statchar@Finalization$qqrv
@Statchar@initialization$qqrv
@Teeedit@Finalization$qqrv
@Teeedit@initialization$qqrv
@Teeproco@Finalization$qqrv
@Teeproco@initialization$qqrv
@Teetools@Finalization$qqrv
@Teetools@initialization$qqrv

capital.bpl

@@Quotecenter@Finalize
@@Quotecenter@Initialize
@@Authenticate@Finalize
@@Authenticate@Initialize
@@Sksimpleorder@Finalize
@@Sksimpleorder@Initialize
@@Skactivenews@Finalize
@@Skactivenews@Initialize
@@Skactivereport@Finalize
@@Skactivereport@Initialize
@@Skquotea@Finalize
@@Skquotea@Initialize
@@Skquoteb@Finalize
@@Skquoteb@Initialize
@@Skprice@Finalize
@@Skprice@Initialize
@@Skgraphic@Finalize
@@Skgraphic@Initialize
@@Sktechanalysis@Finalize
@@Sktechanalysis@Initialize
@@Printreport3@Finalize
@@Printreport3@Initialize
@@Skpublicreportcom@Finalize
@@Skpublicreportcom@Initialize
@@Skselfbalancecom@Finalize
@@Skselfbalancecom@Initialize
@@Skorderreportcom@Finalize
@@Skorderreportcom@Initialize
@@Requestbalancereport@Initialize
@@Requestbalancereport@Finalize
@@Skfuturehistorycom@Finalize
@@Skfuturehistorycom@Initialize
@@Skfutureinoutcom@Finalize
@@Skfutureinoutcom@Initialize
@@Skfuturerightcom@Finalize
@@Skfuturerightcom@Initialize
@@Sktsestockinfo@Finalize
@@Sktsestockinfo@Initialize
@@Requestselfbalancereport@Initialize
@@Requestselfbalancereport@Finalize
@@Skeasyordercom@Finalize
@@Skeasyordercom@Initialize
@@Skremindview@Finalize
@@Skremindview@Initialize
@@Skspecialstockview@Finalize
@@Skspecialstockview@Initialize
@@Sktechviewer@Finalize
@@Sktechviewer@Initialize
@@Batchorderview@Finalize
@@Batchorderview@Initialize
@@Overseas@Initialize
@@Overseas@Finalize
@@Stockmortgageview@Finalize
@@Stockmortgageview@Initialize
@@Hkquotecenter@Finalize
@@Hkquotecenter@Initialize
@THKQuoteCenter@
@THKQuoteCenter@$bctr$qqrp18Classes@TComponent
@THKQuoteCenter@$bdtr$qqrv
@@Hkstocks@Initialize
@@Hkstocks@Finalize
@@Skedit@Finalize
@@Skedit@Initialize
@@Statisticsview@Finalize
@@Statisticsview@Initialize
@@Stockreportset@Initialize
@@Stockreportset@Finalize
@@Accounthintview@Finalize
@@Accounthintview@Initialize
@@Skaccountcombobox@Finalize
@@Skaccountcombobox@Initialize
@@Field@Initialize
@@Field@Finalize
@@Account@Initialize
@@Account@Finalize
@@Result@Initialize
@@Result@Finalize
@@Centers@Initialize
@@Centers@Finalize
@@Request@Initialize
@@Request@Finalize
@@Setfield@Finalize
@@Setfield@Initialize
@@Optionparam@Initialize
@@Optionparam@Finalize
@@Querystockviewer@Finalize
@@Querystockviewer@Initialize
@@Inputview@Finalize
@@Inputview@Initialize
@@Doubleorderitem@Initialize
@@Doubleorderitem@Finalize
@@Settingviewer@Finalize
@@Settingviewer@Initialize
@@Reduceform@Initialize
@@Reduceform@Finalize
@@Dialogboxview@Finalize
@@Dialogboxview@Initialize
@@Chartsettingviewer@Finalize
@@Chartsettingviewer@Initialize
@@Disassembleboxview@Initialize
@@Disassembleboxview@Finalize
@@Calctech@Initialize
@@Calctech@Finalize
@@Selectfolderdlg@Finalize
@@Selectfolderdlg@Initialize
@@Orderreportsetview@Finalize
@@Orderreportsetview@Initialize
@@Exchange@Initialize
@@Exchange@Finalize
@@Foreign@Initialize
@@Foreign@Finalize
@@Overseamapdata@Initialize
@@Overseamapdata@Finalize
@@Overseabest5@Initialize
@@Overseabest5@Finalize
@@Foreignorder@Initialize
@@Foreignorder@Finalize
@@Spreadorder@Initialize
@@Spreadorder@Finalize
@@Hkstock@Initialize
@@Hkstock@Finalize
@@Hkbest5@Initialize
@@Hkbest5@Finalize
@@Hkcatalogs@Initialize
@@Hkcatalogs@Finalize
@@Hkkdata@Initialize
@@Hkkdata@Finalize
@@Hkmap@Initialize
@@Hkmap@Finalize
@@Foreignspreadorder@Initialize
@@Foreignspreadorder@Finalize
@@Requestwarrant@Initialize
@@Requestwarrant@Finalize
@@Warninginfohw@Initialize
@@Warninginfohw@Finalize

borlndmm

ord2

kernel32

FreeLibrary
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetVersion
HeapAlloc
HeapFree
LoadLibraryA

cc3260mt

@$bdele$qpv
@_InitTermAndUnexPtrs$qv
__ErrorExit
__ErrorMessage
___CRTL_MEM_GetBorMemPtrs
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
____ExceptionHandler
__argv_default_expand
__free_heaps
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__startupd
__wargv_default_expand
_memcpy

stlpmt45

ord467

Exports

Exports

FreeInstance
GetDllVersion
GetID
GetInstance
___CPPdebugHook

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19f792c92ff4724420ae0b33f78526e7

Headers

File Characteristics

Imports

vcl60.bpl

rtl60.bpl

dbrtl60.bpl

vclx60.bpl

bdertl60.bpl

qrpt60.bpl

tee5c6.bpl

teeui5c6.bpl

teepro5c6.bpl

capital.bpl

borlndmm

kernel32

cc3260mt

stlpmt45

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 26KB - Virtual size: 28KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 26KB - Virtual size: 28KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB