76a105fd562dba22be5d5129a922e21e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

76a105fd562dba22be5d5129a922e21e_JaffaCakes118
Size

224KB
MD5

76a105fd562dba22be5d5129a922e21e
SHA1

f506ed2bcbf16529fcc7603826aa2c4d97461087
SHA256

01a83551a576f16d167612c4047dead7346a8702f59de8056909332428993b2c
SHA512

b19ad81f26b7f8bc3aa31f6409fe9077f7f56ab83ff57dbdfa3619caf6574e4c9aa7f04ee3798dd4092c8e927998f9e8ebd2b148d1c475b7483959c1770d90a0
SSDEEP

3072:+CebGysi8w5tj4iAppS7D0iYHaBuGYuI70Pt7YSN/5EtjrOr9F:3MGO8oXo43ni4uGYuI7SFGtnOr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76a105fd562dba22be5d5129a922e21e_JaffaCakes118

Files

76a105fd562dba22be5d5129a922e21e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7a6abc63e75983f4b56518b29f47664

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\work\miktex-2.5\Programs\DviWare\dvips\Release\dvips.pdb

Imports

miktex-app-1

?Finalize@Application@App@MiKTeX@@UAGXXZ
??0Application@App@MiKTeX@@QAE@XZ
??1Application@App@MiKTeX@@UAE@XZ
?Init@Application@App@MiKTeX@@UAGXPBD@Z

miktex-kpseweb2cemu-3

miktex_kpse_fallback_resolutions_string
?FindSuffix@KPSE@MiKTeX@@YGPADPBD@Z
?BitmapTolerance@KPSE@MiKTeX@@YGHNN@Z
?MagStepFix@KPSE@MiKTeX@@YGIIIPAH@Z
miktex_kpse_make_tex_discard_errors
miktex_kpathsea_version_string
?InitProg@KPSE@MiKTeX@@YGXPBDI00@Z
miktex_program_invocation_name
miktex_kpse_bug_address
?StrDup@KPSE@MiKTeX@@YGPADPBD@Z
?Realloc@KPSE@MiKTeX@@YGPAXPAXI@Z
?Malloc@KPSE@MiKTeX@@YGPAXI@Z
_miktex_kpse_find_glyph@16
?FindFile@KPSE@MiKTeX@@YGPADPBDW4kpse_file_format_type@@H@Z
?FClose@KPSE@MiKTeX@@YGXPAU_iobuf@@PBD@Z
?VarValue@KPSE@MiKTeX@@YGPADPBD@Z

miktex-core-3

?Run@Process@Core@MiKTeX@@SGXABVPathName@23@PBD@Z
?Compare@PathName@Core@MiKTeX@@SGHPBD0@Z
?Exists@File@Core@MiKTeX@@SG_NABVPathName@23@@Z
?CopyString@Utils@Core@MiKTeX@@SGIPADIPBD@Z
?Get@Session@Core@MiKTeX@@SGPAV123@XZ
?Release@Session@Core@MiKTeX@@SGXPAV123@@Z
?AppendString@Utils@Core@MiKTeX@@SGIPADIPBD@Z
?IsAbsolutePath@Utils@Core@MiKTeX@@SG_NPBD@Z
?PrintException@Utils@Core@MiKTeX@@SGXABVexception@std@@@Z
?PrintException@Utils@Core@MiKTeX@@SGXABVMiKTeXException@23@@Z
?AppendDirectoryDelimiter@PathName@Core@MiKTeX@@QAGAAV123@XZ

msvcr80

_isatty
_fileno
_CxxThrowException
memset
__CxxFrameHandler3
memcpy
_CIsqrt
_CIsin
_CIcos
isxdigit
_controlfp_s
_invoke_watson
_except_handler4_common
sprintf
free
ftell
fseek
fclose
__iob_func
fprintf
fflush
sscanf
strncmp
isspace
putc
malloc
system
tolower
strncpy
printf
fopen
strstr
getc
perror
fputs
strchr
fgets
strtok
isalpha
_setmode
puts
getenv
feof
atoi
fgetc
fread
isdigit
_popen
strspn
strcspn
atol
atof
floor
_stricmp
fputc
_pclose
rewind
ungetc
asctime
ferror
_localtime64
_time64
_stat64i32
calloc
isalnum
vsprintf
??3@YAXPAX@Z
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ

kernel32

QueryPerformanceCounter
LocalFree
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
Sleep
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
LocalAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b7a6abc63e75983f4b56518b29f47664

Headers

File Characteristics

PDB Paths

Imports

miktex-app-1

miktex-kpseweb2cemu-3

miktex-core-3

msvcr80

kernel32

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 70KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 70KB

.rsrc
Size: 24KB - Virtual size: 24KB