eabf6893e343c59e45103306e1b97edc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eabf6893e343c59e45103306e1b97edc_JaffaCakes118
Size

119KB
MD5

eabf6893e343c59e45103306e1b97edc
SHA1

66388efda1daaecb43dae80899ad1a4550e68493
SHA256

1ea3ed164f4b49ccc3460c037576dd251d01c80b7596351e897a9c2382607fed
SHA512

ad27ab071b01257e891c0bba40e4147ba458576bcf6a605bf3f172734561990e6a909736b8514a6a6ad066b50d7972108e1f6cc07324aa60bbfb8140293289a0
SSDEEP

3072:YjPTLkpooZjhxgfwuXtYoY2qgpMLyoOtTC:iHkvTAwu9fqgho

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eabf6893e343c59e45103306e1b97edc_JaffaCakes118

Files

eabf6893e343c59e45103306e1b97edc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

143ab74c5f06b9e379dd6aabc9636571

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvcp60

??_F?$messages@D@std@@QAEXXZ
?imag@?$_Complex_base@M@std@@QAEMABM@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??1?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
?pubseekpos@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE?AV?$fpos@H@2@V32@H@Z
??4?$numeric_limits@O@std@@QAEAAV01@ABV01@@Z
??0length_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?do_widen@?$ctype@G@std@@MBEGD@Z
?_Init@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEXABV_Locinfo@2@@Z
wctype
?_Getcat@?$numpunct@G@std@@SAIXZ
?sqrt@std@@YA?AV?$complex@N@1@ABV21@@Z
?find_last_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?epsilon@?$numeric_limits@I@std@@SAIXZ
?exceptions@ios_base@std@@QBEHXZ
?__Fiopen@std@@YAPAU_iobuf@@PBDH@Z
?eq@?$char_traits@D@std@@SA_NABD0@Z

esent

JetSetCurrentIndex4
JetAttachDatabaseWithStreaming
JetCloseTable@8
JetSetColumns
JetRetrieveColumn
JetGetSecondaryIndexBookmark
JetGetBookmark
JetRestore2
JetStopBackup
JetOpenFileSectionInstance
JetDupSession
JetUpdate@20

opengl32

glTexCoord3sv
glTexCoord3s
wglGetDefaultProcAddress
glPolygonMode
glVertex3sv
glPointSize
glTexParameteri
glLogicOp
glTexCoord4dv
wglRealizeLayerPalette
glGetTexLevelParameterfv
glPixelTransferf
glOrtho
glTexCoord2dv
glClipPlane
glTexGenfv

msvcrt

_y0
time
__p__wpgmptr
??_Ebad_cast@@UAEPAXI@Z
??4exception@@QAEAAV0@ABV0@@Z
vfprintf
_fstat
_getsystime
_CIsqrt
_adj_fpatan
_mbsnbicmp
fputs
__CxxUnregisterExceptionObject
_aligned_free
_execvpe

kernel32

CancelIo
GetVolumePathNamesForVolumeNameA
ConvertThreadToFiber
GetCommandLineA
OpenEventW
QueueUserAPC
GetExitCodeThread
WriteConsoleW
GetTickCount
VirtualAlloc
IsBadHugeWritePtr
SetFilePointerEx
SetCommBreak
GetLastError
TransmitCommChar
MapUserPhysicalPagesScatter
GetModuleHandleA
GetDefaultCommConfigA
ConnectNamedPipe

msvcrt40

??_Estdiostream@@UAEPAXI@Z
??_Estrstream@@UAEPAXI@Z
_strerror
putchar
_mbsncoll
_wcsncoll
_global_unwind2
?close@fstream@@QAEXXZ
?setmode@fstream@@QAEHH@Z
?before@type_info@@QBEHABV1@@Z
??_8ifstream@@7B@
_ismbcsymbol
wcsncmp
?unlockc@ios@@KAXXZ
?_query_new_mode@@YAHXZ
fclose
??_7strstream@@6B@

user32

EndDialog
CharNextA

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat_77
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

143ab74c5f06b9e379dd6aabc9636571

Headers

File Characteristics

Imports

msvcp60

esent

opengl32

msvcrt

kernel32

msvcrt40

user32

Sections

.text Size: 56KB - Virtual size: 55KB

.idat_77 Size: 21KB - Virtual size: 21KB

.data Size: 37KB - Virtual size: 204KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 55KB

.idat_77
Size: 21KB - Virtual size: 21KB

.data
Size: 37KB - Virtual size: 204KB

.rsrc
Size: 3KB - Virtual size: 3KB