bb39fd6429e884ca396b2182b1c1b9f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb39fd6429e884ca396b2182b1c1b9f3_JaffaCakes118
Size

162KB
MD5

bb39fd6429e884ca396b2182b1c1b9f3
SHA1

c23e6fb3ebfa61b06453cbdcea3ada0835b2a8de
SHA256

904be77559933973a66eaa7a98bfc5021ca3dad185f221b232a837b8db4dd032
SHA512

f5b49ef581eb198746072813dbb236ce1d1b63e1129f99d75cd35cf288f686aa5c8beb2fe008292b49ad209c662f02cc6a30499a2cd3e3751194bf6783491837
SSDEEP

3072:FQsfZ+TWRvhOlBoAQunfXYfHL/UOn6wClj99YDGDEsMu/JRf:FQsh+TWRMbgnTUO6T0S/Mu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb39fd6429e884ca396b2182b1c1b9f3_JaffaCakes118

Files

bb39fd6429e884ca396b2182b1c1b9f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f95f4e7bd6ba4a9792079a8c0093d500

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

vcl50.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@LoadResString$qqrp20System@TResStringRec
@System@UnregisterModule$qqrp17System@TLibModule
@System@RegisterModule$qqrp17System@TLibModule
@System@LoadResourceModule$qqrpc
@System@FindHInstance$qqrpv
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrAsg$qqrv
@System@@LStrArrayClr$qqrv
@System@@LStrClr$qqrr17System@AnsiString
@System@@TryFinallyExit$qqrv
@System@@DoneExcept$qqrv
@System@@RaiseAgain$qqrv
@System@@RaiseExcept$qqrv
@System@@HandleFinally$qqrv
@System@@HandleOnException$qqrv
@System@@HandleAnyException$qqrv
@System@@BeforeDestruction$qqrv
@System@@AfterConstruction$qqrv
@System@@ClassDestroy$qqrv
@System@@ClassCreate$qqrv
@System@TObject@Dispatch$qqrpv
@System@TObject@BeforeDestruction$qqrv
@System@TObject@AfterConstruction$qqrv
@System@TObject@DefaultHandler$qqrpv
@System@TObject@SafeCallException$qqrp14System@TObjectpv
@System@@CallDynaInst$qqrv
@System@@IsClass$qqrv
@System@TObject@Free$qqrv
@System@TObject@$bdtr$qqrv
@System@TObject@$bctr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrp17System@TMetaClass
@System@@FillChar$qqrv
@System@@TRUNC$qqrv
@System@Move$qqrpxvpvi
@System@IsMemoryManagerSet$qqrv
@System@SetMemoryManager$qqrrx21System@TMemoryManager
@System@GetMemoryManager$qqrr21System@TMemoryManager
@System@@FreeMem$qqrv
@System@@GetMem$qqrv
@System@IsMultiThread
@System@IsConsole
@System@ExitProc
@System@CmdLine
@System@IsLibrary
@System@MainInstance
@Sysconst@initialization$qqrv
@Sysconst@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@Exception@$bctr$qqrx17System@AnsiStringpx14System@TVarRecxi
@Sysutils@Exception@$bctr$qqrx17System@AnsiString
@Sysutils@ExceptObject$qqrv
@Sysutils@FileClose$qqri
@Sysutils@FileSeek$qqriii
@Sysutils@FileWrite$qqripxvui
@Sysutils@FileOpen$qqrx17System@AnsiStringui
@Sysutils@EControlC@
@Sysutils@EStackOverflow@
@Sysutils@EPrivilege@
@Sysutils@EAccessViolation@
@Sysutils@EUnderflow@
@Sysutils@EOverflow@
@Sysutils@EZeroDivide@
@Sysutils@EInvalidOp@
@Sysutils@EIntOverflow@
@Sysutils@ERangeError@
@Sysutils@EDivByZero@
@Sysutils@EAbort@
@Activex@initialization$qqrv
@Activex@Finalization$qqrv
@Math@initialization$qqrv
@Math@Finalization$qqrv
@Flatsb@initialization$qqrv
@Flatsb@Finalization$qqrv
@Multimon@initialization$qqrv
@Multimon@Finalization$qqrv
@Consts@initialization$qqrv
@Consts@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Typinfo@DotSep
@Typinfo@BooleanIdents
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TComponent@UpdateRegistry$qqrp17System@TMetaClassox17System@AnsiStringt3
@Classes@TComponent@SafeCallException$qqrp14System@TObjectpv
@Classes@TComponent@WriteState$qqrp15Classes@TWriter
@Classes@TComponent@$bdtr$qqrv
@Classes@TStream@ReadBuffer$qqrpvi
@Classes@TStream@GetSize$qqrv
@Classes@TStream@SetPosition$qqri
@Classes@TStream@GetPosition$qqrv
@Classes@TPersistent@AssignTo$qqrp19Classes@TPersistent
@Classes@TPersistent@Assign$qqrp19Classes@TPersistent
@Classes@TPersistent@$bdtr$qqrv
@Classes@Rect$qqriiii
@Classes@TComponent@
@Classes@TMemoryStream@
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
@Graphics@TBitmap@SetPixelFormat$qqr21Graphics@TPixelFormat
@Graphics@TBitmap@SetHandle$qqrui
@Graphics@TBitmap@GetScanline$qqri
@Graphics@TBitmap@GetPixelFormat$qqrv
@Graphics@TBitmap@$bctr$qqrv
@Graphics@CopyPalette$qqrui
@Graphics@TSharedImage@Release$qqrv
@Graphics@TSharedImage@Reference$qqrv
@Graphics@TPicture@UnregisterGraphicClass$qqrp17System@TMetaClasst1
@Graphics@TPicture@RegisterFileFormat$qqrp17System@TMetaClassx17System@AnsiStringt2t1
@Graphics@TGraphic@SetTransparent$qqro
@Graphics@TGraphic@SaveToFile$qqrx17System@AnsiString
@Graphics@TGraphic@LoadFromFile$qqrx17System@AnsiString
@Graphics@TGraphic@GetTransparent$qqrv
@Graphics@TGraphic@Equals$qqrp17Graphics@TGraphic
@Graphics@TGraphic@DefineProperties$qqrp14Classes@TFiler
@Graphics@TGraphic@Changed$qqrp14System@TObject
@Graphics@TGraphic@$bctr$qqrv
@Graphics@TCanvas@StretchDraw$qqrrx13Windows@TRectp17Graphics@TGraphic
@Graphics@TFont@SetColor$qqr15Graphics@TColor
@Graphics@TBitmap@
@Graphics@TSharedImage@
@Graphics@TPicture@
@$xp$17Graphics@TGraphic
@Graphics@TGraphic@
@Graphics@EInvalidGraphicOperation@
@Graphics@EInvalidGraphic@
@Contnrs@initialization$qqrv
@Contnrs@Finalization$qqrv
@Printers@initialization$qqrv
@Printers@Finalization$qqrv
@Stdctrls@initialization$qqrv
@Stdctrls@Finalization$qqrv
@Stdctrls@TButton@
@Stdctrls@TEdit@
@Stdctrls@TLabel@
@Clipbrd@initialization$qqrv
@Clipbrd@Finalization$qqrv
@Stdactns@initialization$qqrv
@Stdactns@Finalization$qqrv
@Actnlist@initialization$qqrv
@Actnlist@Finalization$qqrv
@Forms@initialization$qqrv
@Forms@Finalization$qqrv
@Forms@TApplication@ShowException$qqrp18Sysutils@Exception
@Forms@TApplication@Run$qqrv
@Forms@TApplication@CreateForm$qqrp17System@TMetaClasspv
@Forms@TApplication@Initialize$qqrv
@Forms@TApplication@SetTitle$qqrx17System@AnsiString
@Forms@TCustomForm@QueryInterface$qqsrx5_GUIDpv
@Forms@TCustomForm@UpdateActions$qqrv
@Forms@TCustomForm@ShowModal$qqrv
@Forms@TCustomForm@SetFocus$qqrv
@Forms@TCustomForm@CloseQuery$qqrv
@Forms@TCustomForm@Resizing$qqr18Forms@TWindowState
@Forms@TCustomForm@PaintWindow$qqrui
@Forms@TCustomForm@SetFocusedControl$qqrp20Controls@TWinControl
@Forms@TCustomForm@DefaultHandler$qqrpv
@Forms@TCustomForm@DestroyWindowHandle$qqrv
@Forms@TCustomForm@CreateWindowHandle$qqrrx22Controls@TCreateParams
@Forms@TCustomForm@CreateWnd$qqrv
@Forms@TCustomForm@CreateParams$qqrr22Controls@TCreateParams
@Forms@TCustomForm@AlignControls$qqrp17Controls@TControlr13Windows@TRect
@Forms@TCustomForm@WndProc$qqrr17Messages@TMessage
@Forms@TCustomForm@ValidateRename$qqrp18Classes@TComponentx17System@AnsiStringt2
@Forms@TCustomForm@SetParent$qqrp20Controls@TWinControl
@Forms@TCustomForm@WantChildKey$qqrp17Controls@TControlr17Messages@TMessage
@Forms@TCustomForm@SetParentBiDiMode$qqro
@Forms@TCustomForm@GetFloating$qqrv
@Forms@TCustomForm@GetClientRect$qqrv
@Forms@TCustomForm@DefineProperties$qqrp14Classes@TFiler
@Forms@TCustomForm@ReadState$qqrp15Classes@TReader
@Forms@TCustomForm@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Forms@TCustomForm@Loaded$qqrv
@Forms@TCustomForm@DoDestroy$qqrv
@Forms@TCustomForm@DoCreate$qqrv
@Forms@TCustomForm@$bdtr$qqrv
@Forms@TCustomForm@BeforeDestruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponenti
@Forms@TCustomForm@AfterConstruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponent
@Forms@TScrollingWinControl@AdjustClientRect$qqrr13Windows@TRect
@Forms@TScrollingWinControl@AutoScrollInView$qqrp17Controls@TControl
@Forms@TScrollingWinControl@AutoScrollEnabled$qqrv
@Forms@TScrollingWinControl@$bdtr$qqrv
@Forms@Application
@$xp$11Forms@TForm
@Forms@TForm@
@Imglist@initialization$qqrv
@Imglist@Finalization$qqrv
@Menus@initialization$qqrv
@Menus@Finalization$qqrv
@Controls@initialization$qqrv
@Controls@Finalization$qqrv
@Controls@TWinControl@CanAutoSize$qqrrit1
@Controls@TWinControl@AssignTo$qqrp19Classes@TPersistent
@Controls@TWinControl@ConstrainedResize$qqrrit1t1t1
@Controls@TWinControl@CanResize$qqrrit1
@Controls@TWinControl@GetClientOrigin$qqrv
@Controls@TWinControl@GetControlExtents$qqrv
@Controls@TWinControl@Repaint$qqrv
@Controls@TWinControl@Update$qqrv
@Controls@TWinControl@Invalidate$qqrv
@Controls@TWinControl@GetDeviceContext$qqrrui
@Controls@TWinControl@ShowControl$qqrp17Controls@TControl
@Controls@TWinControl@SetBounds$qqriiii
@Controls@TWinControl@CreateHandle$qqrv
@Controls@TWinControl@DestroyWnd$qqrv
@Controls@TWinControl@$bdtr$qqrv
@Controls@TControl@InitiateAction$qqrv
@Controls@TControl@GetFloatingDockSiteClass$qqrv
@Controls@TControl@SetBiDiMode$qqr17Classes@TBiDiMode
@Controls@TControl@GetText$qqrv
@Controls@TControl@SetEnabled$qqro
@Controls@TControl@SetVisible$qqro
@Controls@TControl@SetName$qqrx17System@AnsiString
@Controls@TControl@SetDragMode$qqr18Controls@TDragMode
@Controls@TControl@GetEnabled$qqrv
@Controls@TControl@GetDragImages$qqrv
@Controls@TControl@$bdtr$qqrv
@Extctrls@initialization$qqrv
@Extctrls@Finalization$qqrv
@Extctrls@TImage@
@Dialogs@initialization$qqrv
@Dialogs@Finalization$qqrv
@Dialogs@ShowMessage$qqrx17System@AnsiString
@Dialogs@TOpenDialog@GetFileName$qqrv
@Dialogs@TOpenDialog@

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTickCount
GetVersion
GetVersionExA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualQuery
WriteFile

gdi32

CreateHalftonePalette
CreatePalette
DeleteObject
GetDeviceCaps
GetPaletteEntries

user32

EnumThreadWindows
GetDC
MessageBoxA
ReleaseDC
wsprintfA

Sections

.avp
Size: 122KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f95f4e7bd6ba4a9792079a8c0093d500

Headers

File Characteristics

Imports

vcl50.bpl

kernel32

gdi32

user32

Sections

.avp Size: 122KB - Virtual size: 128KB

.avp Size: 9KB - Virtual size: 28KB

.avp Size: 12KB - Virtual size: 16KB

.avp Size: 512B - Virtual size: 4KB

.avp Size: 16KB - Virtual size: 32KB

.avp
Size: 122KB - Virtual size: 128KB

.avp
Size: 9KB - Virtual size: 28KB

.avp
Size: 12KB - Virtual size: 16KB

.avp
Size: 512B - Virtual size: 4KB

.avp
Size: 16KB - Virtual size: 32KB