fa244c62cbd41c709723f4ad6b66481f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa244c62cbd41c709723f4ad6b66481f_JaffaCakes118
Size

78KB
MD5

fa244c62cbd41c709723f4ad6b66481f
SHA1

b61a8b9742c90f65bc426e63a47629b39b5c8bed
SHA256

e80589f87d50841f59d88261e3847b9a6c9fa4f33d957cf073a916d5a2977694
SHA512

ecd32a5f26d3b5597c3b40e1849860939345746bffb7449ff62e500e0132a777b64061bee6e6697d8f5fb576fbb059c02d6689be056ff78aaab42a6a269cfef9
SSDEEP

768:H70VYOO7R4OW8SkuoOg3ncxbzTkP6GeDdlqqSIZ9s:guzzEgsn3DdMqS0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa244c62cbd41c709723f4ad6b66481f_JaffaCakes118

Files

fa244c62cbd41c709723f4ad6b66481f_JaffaCakes118
.dll windows:1 windows x86 arch:x86

1832735d0228c9e0cb6deb36d558a86d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

c55runx

Cla$ACCEPTED
Cla$CLEAR
Cla$CLOCK
Cla$DAY
Cla$DecAdd
Cla$DecDistinct
Cla$DecDistinctR
Cla$DISPLAY
Cla$DPopLong
Cla$DPopReal
Cla$DPushLong
Cla$DStack2Stack
Cla$EndEventLoop
Cla$EndEventLoops
Cla$EVENT
Cla$FIELD
Cla$FOCUS
Cla$freewindow
Cla$GetPropS
Cla$init
Cla$KEYCODE
Cla$loadbtdate
Cla$loadbttime
Cla$MessageBox
Cla$modulus
Cla$MONTH
Cla$OPENwindow
Cla$PopBind
Cla$PopReal
Cla$POST
Cla$PushBind2
Cla$PushLong
Cla$PushString
Cla$pwopen
Cla$realdistinct
Cla$SELECT
Cla$SETCLOCK
Cla$SetPropS
Cla$SETTODAY
Cla$Stack2DStack
Cla$StackCompareNEQ
Cla$StackConcat
Cla$StackDEFORMAT
Cla$StartEventLoop
Cla$StashBP
Cla$storebtdate
Cla$storebttime
Cla$TODAY
Cla$YEAR
_free
_malloc
__sysinit
__systerm

tanim

$GLOBALREQUEST
$GLOBALRESPONSE
$VCRREQUEST
ADDITEM@F13WINDOWMANAGER12TOOLBARCLASS
ASK@F13WINDOWMANAGER
CONSTRUCT@F10FUZZYCLASS
INIT@F10ERRORCLASS
INIT@F10FUZZYCLASS
INIT@F13WINDOWMANAGER
INIT@F8INICLASSsb
KILL@F10ERRORCLASS
KILL@F10FUZZYCLASS
KILL@F13WINDOWMANAGER
KILL@F8INICLASS
OPEN@F13WINDOWMANAGER
PRIMEFIELDS@F13WINDOWMANAGER
PRIMEUPDATE@F13WINDOWMANAGER
RESET@F13WINDOWMANAGERUc
RESTOREFIELD@F13WINDOWMANAGERl
RUN@F13WINDOWMANAGER
RUN@F13WINDOWMANAGERUsUc
SETALERTS@F13WINDOWMANAGER
SETOPTION@F10FUZZYCLASSUcUc
SETPROCEDURENAME@F10ERRORCLASSOsb
SETRESPONSE@F13WINDOWMANAGERUc
TAKEACCEPTED@F13WINDOWMANAGER
TAKECLOSEEVENT@F13WINDOWMANAGER
TAKECOMPLETED@F13WINDOWMANAGER
TAKEEVENT@F13WINDOWMANAGER
TAKEFIELDEVENT@F13WINDOWMANAGER
TAKENEWSELECTION@F13WINDOWMANAGER
TAKEREJECTED@F13WINDOWMANAGER
TAKESELECTED@F13WINDOWMANAGER
TAKEWINDOWEVENT@F13WINDOWMANAGER
TYPE$TOOLBARCLASS
UPDATE@F13WINDOWMANAGER
VMT$ERRORCLASS
VMT$FUZZYCLASS
VMT$INICLASS
VMT$TOOLBARCLASS

Exports

Exports

SSAAT:INIT@F10ERRORCLASS8INICLASS
SSAAT:KILL@F
SZAMANI@F

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1832735d0228c9e0cb6deb36d558a86d

Headers

File Characteristics

Imports

c55runx

tanim

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 141B

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 41KB - Virtual size: 41KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 141B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 41KB - Virtual size: 41KB

.reloc
Size: 4KB - Virtual size: 4KB