ff0a33f4ee1bcbf51774b93c20dbe2a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff0a33f4ee1bcbf51774b93c20dbe2a7_JaffaCakes118
Size

184KB
MD5

ff0a33f4ee1bcbf51774b93c20dbe2a7
SHA1

a53d2aa5655452ff8f2cf8a89526bafcfacf8930
SHA256

a7832b447259348e364fd482e547f72f10aa6be000c961a36a124992b027db74
SHA512

332e42e525ab9bd120304018ac96d97f7bb8201072c69e248b7ed9a56c85de22e423cc86e98b1a0f9908ad7c54d9c2291461a93612b828c6768947efb88c99ba
SSDEEP

3072:ReOoqOdpnm/aycqKM8ZOY8n2fk6DD8b0357fKKNmv:1oLd8/b6/82fk6DYY357fKKNmv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff0a33f4ee1bcbf51774b93c20dbe2a7_JaffaCakes118

Files

ff0a33f4ee1bcbf51774b93c20dbe2a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e78ebeedf240bda083cf8f2dea1e61b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

elib

emet_MeterCancelQuery
hex908798435
eimg_FileCopy
eint_GetInit
esmg_LogMessage
emet_MeterInfoPrint
emet_MeterInfoChangeTaskName
emsc_HeapFreeEx
eprj_MapInfoPixelSizeSet
epmg_GetEnumPreference
efio_Create
efio_TempName
efio_FileExists
estr_Sprintf
estr_GetPathPart
estr_GetExtPart
efio_FileNameParse
estr_GetNamePart
edlm_GetAddr
esmg_JobEnd
exfr_XFormCopy
egda_BaseDataCreate
estr_StringListCreate
eprj_MapInfoLowerRightCenterSet
eprj_MapInfoUpperLeftCenterSet
eprj_MapInfoCopy
emsc_HeapRealloc
ehis_EventGenerateAndAppend
eaoi_AreaOfInterestDelete
eaoi_AreaOfInterestCopy
ehfa_FileClose
eaoi_ReadAoiFromHfaFile
ehfa_FileOpen
eprj_ConvertMetersToLonSize
ecvt_UnitsConvertByName
emif_EmifStringFromString
epmg_GetNumberPreference
efio_FindFilesInPath
efnp_FileNameGet
edlm_CountList
edlm_FreeList
efio_FileNameCorrect
efio_FileNameVerifyAddDefaultPath
eimg_LayerClose
eimg_LayerOpen
eimg_LayerStackClose
eprj_ProjectionCopy
eimg_LayerStackOpen
eimg_LayerGetNames
estr_LowerCase
eprj_ProjectionInit
estr_GetRootPart
efga_BaseCoordBlockCreate
efga_CoordBlockDelete
eant_ProParametersGet
evec_BboxDelete
eant_MapInfoGet
eant_ElementListBoundingBoxGet
evec_LayerClose
evec_GetAttributeByRecNum
evec_GetBboxFromCoordBlock
eprj_CharStrCreate
eprj_MapInfoCreate
evec_ReadPolygon2
evec_GetAttNames
evec_InitializeAttTable
edlm_Delete
evec_GetTotalNumberPolyElements
evec_LayerOpenGeneric
evec_LayerIsArcCoverage
eant_CoordSysConversionFree
eant_RectangleGetVectorData
eant_CoordSysConversionSetValues
exfr_XFormFree
eant_VectorDataGet
eant_AddXForm
eprj_ConvertLonSizeToMeters
eprj_MapInfoUnitsSet
eprj_MapInfoProjectionNameSet
eprj_ProParametersCreate
estr_Eqnic
eprj_ProjectionPairFree
eprj_ProParametersFree
eprj_ProjectPairWithUnits
eprj_ProjectionPairInit
efio_Close
exfr_XFormCreateUnity
efio_Open
egda_BaseDataDelete
exfr_Transform
exfr_XFormInvert
eimg_MapInfoRead
evec_GetAttribute
evec_ReadArc
evec_GetTotalNumberArcElements
eprj_PointsFree
eprj_ProjectWithUnits
eprj_PointsCreate
efio_FileNameEq
esmg_ApplicationInit
esmg_ComLineArgsGet
esmg_ProcessInit
edlm_InitList
edlm_Add
esmg_OSVersionCheck
estr_GetEnv
efio_SearchListGenerateAndIdentifyFiles
emsc_HeapFree
eprj_ProjectionLibraryRead
eprj_ProjectionLibraryGetTitle
eprj_ProjectionLibraryGetItemByName
eprj_ProjectionItemProParametersGet
eprj_ProParametersCopy
estr_StringListDelete
efio_FileUnlink
estr_StringListAppend
eerr_DeleteErrorReportEx
estr_Eqic
etxt_Text_strcmp
efio_Sscanf
emet_MeterInfoCreate
efnp_FileNameExternalToInternal
estr_RemoveChars
emsc_HeapMalloc
estr_Duplicate
eint_InitToolkit
eerr_CreateErrorReport
eerr_PrintErrorReport
esmg_ProcessExit
esec_CheckSecurity
esmg_JobInit
esmg_IsBatchRun
eerr_SetAltErrorFunction
eprj_ProjectionFree
earg_DoArgs

eraster

eprj_ProjectionLibraryFree

emllib

eeml_SMRunArgcArgv
eeml_LogErrorContents

emoslib

emsx_ReadArg
emos_LayerReprojectionX
emso_ClipImageWithCutline
emso_SetCutlineSide
emso_CutlineDelete
emso_UnprojectCutlinePoints
emso_CutlineMeasure
emos_ExtendCoordBlockWithPolygon
emso_ClipAndMergeCutline
emso_CutlineCopy
emso_ReprojectCutlinePoints
emso_CutlineCreate
emso_ImageNameOnList
emso_IntersectDelete
emos_CBInfoUseColorBalancing
emos_CBInfoCopyParams
emos_SetSurfaceMethod
emos_CBTargetGetCBInfo
emso_ReprojectOutputPointsMSH
emos_CBTargetListGetFile
emso_GetRegionFromCoordblock
emos_CBTargetListGetCount
emos_CBTargetListLoadASCII
emos_IDTargetListDestroy
emos_IDInfoCopy
emos_IDTargetGetIDInfo
emos_IDTargetListGetTarget
emos_IDTargetListLoadASCII
emos_IDTargetSetMeter
emos_IDTargetListReOpenTarget
emos_IDTargetSetActiveArea
emos_MakeActiveAreaFileAOI
emos_CoordinateBlocksToRegion
emos_IDTargetSetExclusionArea
emos_IDTargetSetIDInfo
emos_IDTargetListAdd
emos_IDTargetListCreate
emso_OutputDelete
emos_CBTargetGetLayerCount
emso_GetCoordblockFromAOIPolygon
emso_MosaicInfoDelete
emos_MosaicXXX
emso_MosaicReadX
emos_CBInfoSetIgnore
emso_OutputCreate
emos_CoordinateBlockArrayCreate
emso_ReprojectOutputPoints
emos_RegionFree
emos_DeriveExternalRegion
emos_RegionCopy
emos_PolyUnion
emos_CBTargetListGetTarget
emso_NameOnList
emos_CBInfoGetFilter
emos_MosaicInfoXInit
emos_CoordinateBlockToPolyline
emso_MosaicWrite
emso_SaveOverlaps
emso_GetIntersectFromPolygon
emso_SetImageAreaAOI
emso_ImageCreate
emso_FindUniqueImageID
emso_SetImageParametersBlk
emso_ImageDelete
emso_SetImageParameters
emso_SetImageAreaCrop
emso_SetImageAreaEntireBlk
emso_SetImageAreaCompute
emso_SetImageAreaTemplate
emso_ReprojectImagePoints
emos_IDInfoCreate
emos_ValidateBlkImage
emso_MosaicInfoCreate
emso_ResampleInfoCreate
emso_SetOutputProjection
emso_ResampleInfoDelete
emso_GenerateWeightedCutlines
emso_GenerateGeometricCutlines
emos_ReadAndRepairAOI
emso_SaveCutlines

ewaflib

ewaf_IsFilterActive

ephoguilib

epho_BlockDataCreate
ebgm_ImageGet
epho_BlockDataRead
epho_BlockDataReadOrthoList

emdblib

emdb_ReadMapsProjection
emdb_ReadMapsIndexSize
emdb_ReadMapsForRectangle
emdb_MapDefinitionListDelete
esht_MapDefinitionListRead
esht_ProjInfoRead
esht_MapDefinitionListDelete
emdb_SeriesNodeExists

viewlib

edis_CoordListDelete
edis_CoordListNew
edis_CoordListInsert
edis_CoordListIntersectionGet

msvcr71

fabs
strchr
strtok
strcmp
qsort
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
strlen
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
atoi
_amsg_exit
_iob
strtod

kernel32

GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9e78ebeedf240bda083cf8f2dea1e61b

Headers

File Characteristics

Imports

elib

eraster

emllib

emoslib

ewaflib

ephoguilib

emdblib

viewlib

msvcr71

kernel32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 72KB - Virtual size: 72KB