ebdd66c14e7d1e86954a1de82bde1153_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ebdd66c14e7d1e86954a1de82bde1153_JaffaCakes118
Size

52KB
MD5

ebdd66c14e7d1e86954a1de82bde1153
SHA1

0b0e2bd27676710cb46da15ad388a613d2f01d99
SHA256

2d6398274acb1267a3b44d31af7d416811ae0fde85acf2dcb390fd93b277da2b
SHA512

87874eb501e8b2d60411dfc4e59416d50e457790a6ca0795c4ef21e56e124c69e4e5af0a337512915735d42706b6943e6ec267aa9651cf8e124c281d27738fb0
SSDEEP

768:XAuKjLfLf7+jROHWbkK1D+vDHXjiDaFyvloLJBU0vVpG3HA:XyLTj+4HQ8vi2Fyv2JatA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebdd66c14e7d1e86954a1de82bde1153_JaffaCakes118

Files

ebdd66c14e7d1e86954a1de82bde1153_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ababec12d05e7b081c22e0fa72fcf3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rtl60.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@UnregisterModule$qqrp17System@TLibModule
@System@RegisterModule$qqrp17System@TLibModule
@System@FindHInstance$qqrpv
@System@@LStrSetLength$qqrv
@System@@LStrCat$qqrv
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrAsg$qqrpvpxv
@System@@LStrClr$qqrpv
@System@@HandleFinally$qqrv
@System@TObject@Dispatch$qqrpv
@System@TObject@$bdtr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrp17System@TMetaClass
@System@IsMemoryManagerSet$qqrv
@System@SetMemoryManager$qqrrx21System@TMemoryManager
@System@IsMultiThread
@System@IsConsole
@System@ExitProc
@System@CmdLine
@System@IsLibrary
@System@MainInstance
@Types@initialization$qqrv
@Types@Finalization$qqrv
@Sysconst@initialization$qqrv
@Sysconst@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Rtlconsts@initialization$qqrv
@Rtlconsts@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Typinfo@DotSep
@Typinfo@BooleanIdents
@Activex@initialization$qqrv
@Activex@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TComponent@UpdateRegistry$qqrp17System@TMetaClassox17System@AnsiStringt3
@Classes@TComponent@SafeCallException$qqrp14System@TObjectpv
@Classes@TComponent@WriteState$qqrp15Classes@TWriter
@Classes@TComponent@$bdtr$qqrv
@Classes@TPersistent@Assign$qqrp19Classes@TPersistent
@Classes@TPersistent@$bdtr$qqrv
@Math@initialization$qqrv
@Math@Finalization$qqrv
@Contnrs@initialization$qqrv
@Contnrs@Finalization$qqrv
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Strutils@initialization$qqrv
@Strutils@Finalization$qqrv
@Helpintfs@initialization$qqrv
@Helpintfs@Finalization$qqrv
@Flatsb@initialization$qqrv
@Flatsb@Finalization$qqrv
@Mapi@initialization$qqrv
@Mapi@Finalization$qqrv
@Multimon@initialization$qqrv
@Multimon@Finalization$qqrv

vcl60.bpl

@Consts@initialization$qqrv
@Consts@Finalization$qqrv
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
@Graphics@TCanvas@Rectangle$qqrrx11Types@TRect
@Graphics@TCanvas@Ellipse$qqrrx11Types@TRect
@Graphics@TBrush@SetColor$qqr15Graphics@TColor
@Graphics@TPen@SetWidth$qqri
@Graphics@TPen@SetColor$qqr15Graphics@TColor
@Printers@initialization$qqrv
@Printers@Finalization$qqrv
@Stdctrls@initialization$qqrv
@Stdctrls@Finalization$qqrv
@Stdctrls@TCustomListBox@SetTopIndex$qqri
@Stdctrls@TListBox@
@Stdctrls@TCheckBox@
@Stdctrls@TButton@
@Extctrls@initialization$qqrv
@Extctrls@Finalization$qqrv
@Extctrls@TPanel@
@Extctrls@TPaintBox@
@Dialogs@initialization$qqrv
@Dialogs@Finalization$qqrv
@Dialogs@TOpenDialog@GetFileName$qqrv
@Dialogs@TOpenDialog@
@Clipbrd@initialization$qqrv
@Clipbrd@Finalization$qqrv
@Stdactns@initialization$qqrv
@Stdactns@Finalization$qqrv
@Winhelpviewer@initialization$qqrv
@Winhelpviewer@Finalization$qqrv
@Actnlist@initialization$qqrv
@Actnlist@Finalization$qqrv
@Forms@initialization$qqrv
@Forms@Finalization$qqrv
@Forms@TApplication@ShowException$qqrp18Sysutils@Exception
@Forms@TApplication@Run$qqrv
@Forms@TApplication@CreateForm$qqrp17System@TMetaClasspv
@Forms@TApplication@Initialize$qqrv
@Forms@TCustomForm@QueryInterface$qqsrx5_GUIDpv
@Forms@TCustomForm@UpdateActions$qqrv
@Forms@TCustomForm@ShowModal$qqrv
@Forms@TCustomForm@SetFocus$qqrv
@Forms@TCustomForm@CloseQuery$qqrv
@Forms@TCustomForm@Resizing$qqr18Forms@TWindowState
@Forms@TCustomForm@PaintWindow$qqrui
@Forms@TCustomForm@SetFocusedControl$qqrp20Controls@TWinControl
@Forms@TCustomForm@DefaultHandler$qqrpv
@Forms@TCustomForm@DestroyWindowHandle$qqrv
@Forms@TCustomForm@CreateWindowHandle$qqrrx22Controls@TCreateParams
@Forms@TCustomForm@CreateWnd$qqrv
@Forms@TCustomForm@CreateParams$qqrr22Controls@TCreateParams
@Forms@TCustomForm@AlignControls$qqrp17Controls@TControlr11Types@TRect
@Forms@TCustomForm@WndProc$qqrr17Messages@TMessage
@Forms@TCustomForm@ValidateRename$qqrp18Classes@TComponentx17System@AnsiStringt2
@Forms@TCustomForm@SetParent$qqrp20Controls@TWinControl
@Forms@TCustomForm@WantChildKey$qqrp17Controls@TControlr17Messages@TMessage
@Forms@TCustomForm@SetParentBiDiMode$qqro
@Forms@TCustomForm@GetFloating$qqrv
@Forms@TCustomForm@GetClientRect$qqrv
@Forms@TCustomForm@DefineProperties$qqrp14Classes@TFiler
@Forms@TCustomForm@ReadState$qqrp15Classes@TReader
@Forms@TCustomForm@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Forms@TCustomForm@Loaded$qqrv
@Forms@TCustomForm@DoDestroy$qqrv
@Forms@TCustomForm@DoCreate$qqrv
@Forms@TCustomForm@$bdtr$qqrv
@Forms@TCustomForm@BeforeDestruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponenti
@Forms@TCustomForm@AfterConstruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponent
@Forms@TScrollingWinControl@AdjustClientRect$qqrr11Types@TRect
@Forms@TScrollingWinControl@AutoScrollInView$qqrp17Controls@TControl
@Forms@TScrollingWinControl@AutoScrollEnabled$qqrv
@Forms@TScrollingWinControl@$bdtr$qqrv
@Forms@Application
@$xp$11Forms@TForm
@Forms@TForm@
@Imglist@initialization$qqrv
@Imglist@Finalization$qqrv
@Menus@initialization$qqrv
@Menus@Finalization$qqrv
@Controls@initialization$qqrv
@Controls@Finalization$qqrv
@Controls@TWinControl@CanAutoSize$qqrrit1
@Controls@TWinControl@AssignTo$qqrp19Classes@TPersistent
@Controls@TWinControl@ConstrainedResize$qqrrit1t1t1
@Controls@TWinControl@CanResize$qqrrit1
@Controls@TWinControl@GetClientOrigin$qqrv
@Controls@TWinControl@GetControlExtents$qqrv
@Controls@TWinControl@Repaint$qqrv
@Controls@TWinControl@Update$qqrv
@Controls@TWinControl@Invalidate$qqrv
@Controls@TWinControl@GetDeviceContext$qqrrui
@Controls@TWinControl@ShowControl$qqrp17Controls@TControl
@Controls@TWinControl@SetBounds$qqriiii
@Controls@TWinControl@CustomAlignPosition$qqrp17Controls@TControlrit2t2t2r11Types@TRectrx19Controls@TAlignInfo
@Controls@TWinControl@CustomAlignInsertBefore$qqrp17Controls@TControlt1
@Controls@TWinControl@CreateHandle$qqrv
@Controls@TWinControl@DestroyWnd$qqrv
@Controls@TWinControl@$bdtr$qqrv
@Controls@TControl@InitiateAction$qqrv
@Controls@TControl@GetFloatingDockSiteClass$qqrv
@Controls@TControl@SetBiDiMode$qqr17Classes@TBiDiMode
@Controls@TControl@SetEnabled$qqro
@Controls@TControl@SetName$qqrx17System@AnsiString
@Controls@TControl@SetAutoSize$qqro
@Controls@TControl@SetWidth$qqri
@Controls@TControl@SetDragMode$qqr18Controls@TDragMode
@Controls@TControl@GetAction$qqrv
@Controls@TControl@GetEnabled$qqrv
@Controls@TControl@GetDragImages$qqrv
@Controls@TControl@$bdtr$qqrv
@Buttons@initialization$qqrv
@Buttons@Finalization$qqrv
@Toolwin@initialization$qqrv
@Toolwin@Finalization$qqrv
@Comstrs@initialization$qqrv
@Comstrs@Finalization$qqrv
@Extdlgs@initialization$qqrv
@Extdlgs@Finalization$qqrv
@Extactns@initialization$qqrv
@Extactns@Finalization$qqrv
@Listactns@initialization$qqrv
@Listactns@Finalization$qqrv
@Comctrls@initialization$qqrv
@Comctrls@Finalization$qqrv
@Comctrls@TPageControl@
@Comctrls@TTabSheet@

borlndmm

ord2

kernel32

FreeLibrary
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree

cc3260mt

@$bdele$qpv
@$bdla$qpv
@$bnew$qui
@$bnwa$qui
@_CatchCleanup$qv
@_InitTermAndUnexPtrs$qv
@_ReThrowException$quipuc
__ErrorExit
__Return_unwind
___CRTL_MEM_GetBorMemPtrs
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
____ExceptionHandler
__argc
__argv
__argv_default_expand
__exitargv
__ftol
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__wargv_default_expand
_free
_malloc
_memcpy
_memmove
_sscanf
_vsnprintf

stlpmt45

ord64
ord524
ord573
ord202
ord203
ord218
ord216
ord219
ord213
ord211
ord215
ord1077
ord1076
ord1081
ord53
ord58
ord54
ord56
ord1043
ord61
ord63
ord60
ord12
ord185
ord186
ord179
ord171
ord639
ord637
ord640
ord642
ord643

Exports

Exports

@@Form@Finalize
@@Form@Initialize
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ababec12d05e7b081c22e0fa72fcf3d

Headers

File Characteristics

Imports

rtl60.bpl

vcl60.bpl

borlndmm

kernel32

cc3260mt

stlpmt45

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 8KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 12KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 28KB

.text
Size: 25KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 8KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 12KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 28KB