ad18d627da34b6f6d0af4d15009682c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad18d627da34b6f6d0af4d15009682c3_JaffaCakes118
Size

41KB
MD5

ad18d627da34b6f6d0af4d15009682c3
SHA1

e712232fc88d92848ea2d58ae3ec03499d885a85
SHA256

c7e4f8e1e8295c8444932a38751b1672bac7e281bb9146211146031d72c3e5f4
SHA512

3510e755213cf7a55bdc8fd7c3455af8f802876c5ff3bea02d3b1c5d0fc97599d9ed62d3e6c986a1e127fbe2f68f6f7c6eb35e6e075d434915ba7012909c094a
SSDEEP

768:hUF2DJYyqqacHAcL++lzQXZoizBSIAarrgA:qcWSL+lpHrgA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad18d627da34b6f6d0af4d15009682c3_JaffaCakes118

Files

ad18d627da34b6f6d0af4d15009682c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6182e51200fa4e301f9de7e9a03e9a09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libopenfoam

_ZN4Foam10FatalErrorE
_ZN4Foam11openLibraryERKNS_8fileNameE
_ZN4Foam11regIOobject14readIfModifiedEv
_ZN4Foam11regIOobject4readEv
_ZN4Foam11regIOobject6renameERKNS_4wordE
_ZN4Foam12IOdictionary8readDataERNS_7IstreamE
_ZN4Foam12IOdictionary8typeNameE
_ZN4Foam12IOdictionaryC2ERKNS_8IOobjectE
_ZN4Foam12IOdictionaryD2Ev
_ZN4Foam12timeSelector10addOptionsEbb
_ZN4Foam12timeSelector7select0ERNS_4TimeERKNS_7argListE
_ZN4Foam13messageStreamcvRNS_8OSstreamEEv
_ZN4Foam4InfoE
_ZN4Foam4Time15controlDictNameE
_ZN4Foam4Time7setTimeERKNS_7instantEi
_ZN4Foam4TimeC1ERKNS_4wordERKNS_8fileNameES6_S3_S3_
_ZN4Foam4TimeD1Ev
_ZN4Foam4word5debugE
_ZN4Foam5error4exitEi
_ZN4Foam5error5abortEv
_ZN4Foam5errorclEPKcS2_i
_ZN4Foam6HasherEPKvjj
_ZN4Foam6string14removeRepeatedEc
_ZN4Foam6string14removeTrailingEc
_ZN4Foam7argList12validOptionsE
_ZN4Foam7argListC1ERiRPPcbb
_ZN4Foam7argListD1Ev
_ZN4Foam8IOobjectC1ERKNS_4wordERKNS_8fileNameERKNS_14objectRegistryENS0_10readOptionENS0_11writeOptionEb
_ZN4Foam8IOobjectD1Ev
_ZN4Foam8IOstream14currentVersionE
_ZN4Foam8IOstream5name_E
_ZN4Foam8fileName5debugE
_ZN4Foam8polyMesh13defaultRegionE
_ZN4FoamlsERNS_7OstreamEPKc
_ZN4FoamlsERNS_7OstreamERKNS_4wordE
_ZN4FoamlsERNS_7OstreamERKNS_5token16punctuationTokenE
_ZN4FoamlsERNS_7OstreamEc
_ZN4FoamlsERNS_7OstreamEi
_ZN4FoamrsERNS_7IstreamERNS_4wordE
_ZNK4Foam11regIOobject11writeObjectENS_8IOstream12streamFormatENS1_13versionNumberENS1_15compressionTypeE
_ZNK4Foam11regIOobject5writeEv
_ZNK4Foam11regIOobject8modifiedEv
_ZNK4Foam12IOdictionary4nameEv
_ZNK4Foam12IOdictionary9writeDataERNS_7OstreamE
_ZNK4Foam4Time8timeNameEv
_ZNK4Foam7argList13checkRootCaseEv
_ZNK4Foam8IOstream5checkEPKc
_ZNK4Foam8IOstream5printERNS_7OstreamE
_ZTVN4Foam13IStringStreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8ISstreamE
_ZN4Foam8IOstream5name_E
_ZN4Foam8IOstream5name_E
_ZN4Foam12IOdictionary8typeNameE
_ZN4Foam10FatalErrorE
_ZN4Foam10FatalErrorE
_ZN4Foam10FatalErrorE
_ZN4Foam10FatalErrorE
_ZN4Foam10FatalErrorE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8IOstreamE
_ZTVN4Foam8ISstreamE
_ZTVN4Foam8ISstreamE
_ZTVN4Foam8ISstreamE
_ZTVN4Foam8ISstreamE
_ZTVN4Foam13IStringStreamE
_ZTVN4Foam13IStringStreamE
_ZTVN4Foam13IStringStreamE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam4word5debugE
_ZN4Foam7argList12validOptionsE
_ZN4Foam8fileName5debugE
_ZN4Foam8fileName5debugE
_ZN4Foam8fileName5debugE
_ZN4Foam8fileName5debugE
_ZN4Foam8fileName5debugE
_ZN4Foam8fileName5debugE
_ZN4Foam4InfoE
_ZN4Foam4InfoE
_ZN4Foam4InfoE
_ZN4Foam4InfoE
_ZN4Foam4InfoE
_ZN4Foam4InfoE
_ZN4Foam4Time15controlDictNameE
_ZN4Foam8polyMesh13defaultRegionE
_ZN4Foam8IOstream14currentVersionE
_ZN4Foam8IOstream14currentVersionE
_ZN4Foam8IOstream14currentVersionE
_ZN4Foam8IOstream14currentVersionE
_ZN4Foam8IOstream14currentVersionE

libfinitevolume

_ZN4Foam6fvMesh10readUpdateEv
_ZN4Foam6fvMeshC1ERKNS_8IOobjectE
_ZN4Foam6fvMeshD1Ev

libsampling

_ZN4Foam6probes3endEv
_ZN4Foam6probes4readERKNS_10dictionaryE
_ZN4Foam6probes5writeEv
_ZN4Foam6probes7executeEv
_ZN4Foam6probes8typeNameE
_ZN4Foam6probesC2ERKNS_4wordERKNS_14objectRegistryERKNS_10dictionaryEb
_ZN4Foam6probesD2Ev
_ZN4Foam6probes8typeNameE
_ZN4Foam6probes8typeNameE

libgcc_s_sjlj-1

_Unwind_SjLj_Register
_Unwind_SjLj_Resume
_Unwind_SjLj_Unregister

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
vfprintf

libstdc++-6

_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNSo3putEc
_ZNSo5flushEv
_ZNSolsEi
_ZNSs12_M_leak_hardEv
_ZNSs4_Rep10_M_destroyERKSaIcE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs6assignERKSs
_ZNSs6resizeEjc
_ZNSsC1EPKcjRKSaIcE
_ZNSsC2EPKcRKSaIcE
_ZNSsC2ERKSs
_ZNSsD1Ev
_ZNSsD2Ev
_ZNSt15basic_stringbufIcSt11char_traitsIcESaIcEE7_M_syncEPcjj
_ZNSt6localeC1Ev
_ZNSt6localeD1Ev
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZNSt8ios_baseC2Ev
_ZNSt8ios_baseD2Ev
_ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E
_ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_i
_ZSt16__throw_bad_castv
_ZSt4cerr
_ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZTISi
_ZTISt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTTSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt15basic_stringbufIcSt11char_traitsIcESaIcEE
_ZTVSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZdaPv
_ZdlPv
_Znaj
_Znwj
__cxa_bad_cast
__cxa_pure_virtual
__dynamic_cast
__gxx_personality_sj0
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZNSs4_Rep20_S_empty_rep_storageE
_ZTISt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTISt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTISi
_ZTISi
_ZTVSt15basic_stringbufIcSt11char_traitsIcESaIcEE
_ZTVSt15basic_stringbufIcSt11char_traitsIcESaIcEE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZSt4cerr
_ZTTSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTTSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTTSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTTSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTTSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZTVSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTVSt19basic_istringstreamIcSt11char_traitsIcESaIcEE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv117__class_type_infoE

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6182e51200fa4e301f9de7e9a03e9a09

Headers

File Characteristics

Imports

libopenfoam

libfinitevolume

libsampling

libgcc_s_sjlj-1

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 472B

.bss Size: - Virtual size: 1KB

.idata Size: 11KB - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 472B

.bss
Size: - Virtual size: 1KB

.idata
Size: 11KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB