100506fccd95a43eaf83cfed315f3cd5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

100506fccd95a43eaf83cfed315f3cd5_JaffaCakes118
Size

102KB
MD5

100506fccd95a43eaf83cfed315f3cd5
SHA1

1aebd8785fe4c6b622c75f95668116527045892b
SHA256

f56115acd158e14f5aa9baf5fadb54bc0df72932f9d42ee734605179b7f24dd5
SHA512

85ca3e8b84cba49bfd7be7b1180232a033ee52dd165760798e7ac692b0bc0cecd24702dbbb31f7b3115a120f418f208d49f5896e6246d4a5a7a060a295c80afe
SSDEEP

1536:cB/zRwRqTDNwfejOjk9lXiS8e35L6Hjss/ruxEl66zhJL5f:cxzyNUMk9lh8djFrT66VJL5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
100506fccd95a43eaf83cfed315f3cd5_JaffaCakes118

Files

100506fccd95a43eaf83cfed315f3cd5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d1d8f4e2d16533f06148b1083098f1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\global\Release\bin\acad\Assist.pdb

Imports

adui16

??1CAdUiRegistryWriteAccess@@UAE@XZ
?SetDWord@CAdUiRegistryWriteAccess@@QAEHABV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@K@Z
??0CAdUiRegistryAccess@@QAE@PAUHKEY__@@ABV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
??1CAdUiRegistryAccess@@UAE@XZ
?IsOpen@CAdUiRegistryAccess@@QAEHXZ
?GetDWord@CAdUiRegistryAccess@@QAEKABV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
??0CAdUiBaseDialog@@QAE@IPAVCWnd@@PAUHINSTANCE__@@@Z
?DoDataExchange@CAdUiBaseDialog@@MAEXPAVCDataExchange@@@Z
?GetThisMessageMap@CAdUiBaseDialog@@KGPBUAFX_MSGMAP@@XZ
?SetContextHelpPrefix@CAdUiBaseDialog@@QAEXPBD@Z
?AppRootKey@CAdUiBaseDialog@@UAEPBDXZ
?OnInitDialog@CAdUiBaseDialog@@MAEHXZ
?GetRuntimeClass@CAdUiBaseDialog@@UBEPAUCRuntimeClass@@XZ
?PreCreateWindow@CAdUiBaseDialog@@MAEHAAUtagCREATESTRUCTA@@@Z
?PreTranslateMessage@CAdUiBaseDialog@@UAEHPAUtagMSG@@@Z
?PostNcDestroy@CAdUiBaseDialog@@MAEXXZ
?Create@CAdUiBaseDialog@@UAEHIPAVCWnd@@@Z
?Create@CAdUiBaseDialog@@UAEHPBDPAVCWnd@@@Z
?DoAdUiMessage@CAdUiBaseDialog@@MAE?AW4ADUI_REPLY@@W4ADUI_NOTIFY@@IJ@Z
?OnNotifyControlChange@CAdUiBaseDialog@@MAE?AW4ADUI_REPLY@@IJ@Z
?OnNotifyControlValid@CAdUiBaseDialog@@MAE?AW4ADUI_REPLY@@IH@Z
?OnNotifyGeneric@CAdUiBaseDialog@@MAE?AW4ADUI_REPLY@@IJ@Z
?OnNotifyUpdateTip@CAdUiBaseDialog@@MAE?AW4ADUI_REPLY@@PAVCWnd@@@Z
?FindContextHelpFullPath@CAdUiBaseDialog@@MAEHPBDAAV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?OnInitDialogBegin@CAdUiBaseDialog@@MAEXXZ
?OnInitDialogFinish@CAdUiBaseDialog@@MAEXXZ
??0CAdUiRegistryWriteAccess@@QAE@PAUHKEY__@@ABV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
??1CAdUiBaseDialog@@UAE@XZ
?AppMainWindow@CAdUiBaseDialog@@UAEPAVCWnd@@XZ
?AppResourceInstance@CAdUiBaseDialog@@UAEPAUHINSTANCE__@@XZ
?EnableFloatingWindows@CAdUiBaseDialog@@UAEXH@Z
?IsMultiDocumentActivationEnabled@CAdUiBaseDialog@@UAEHXZ
?EnableMultiDocumentActivation@CAdUiBaseDialog@@UAEHH@Z
?DoDialogHelp@CAdUiBaseDialog@@UAEHXZ
?ExchangeData@CAdUiBaseDialog@@UAEHH@Z
?SetContextHelpFullPathName@CAdUiBaseDialog@@QAEXPBD@Z
?DoModal@CAdUiBaseDialog@@UAEHXZ

mfc70

ord4063
ord1466
ord3487
ord4322
ord512
ord698
ord705
ord1014
ord977
ord1017
ord1013
ord947
ord5325
ord5324
ord5153
ord1870
ord546
ord3140
ord4042
ord4262
ord3751
ord2461
ord3513
ord3523
ord3522
ord2352
ord2463
ord2359
ord2651
ord2529
ord4088
ord2648
ord2546
ord2356
ord5322
ord4985
ord5002
ord4349
ord3750
ord2096
ord4998
ord4996
ord2741
ord1770
ord3640
ord5152
ord5933
ord4883
ord899
ord3614
ord5339
ord1868
ord1913
ord4107
ord5990
ord3609
ord5992
ord3814
ord3832
ord1081
ord1077
ord256
ord1767
ord257
ord408
ord1830
ord260
ord1088
ord3711
ord5176
ord1476
ord3246
ord300
ord1805
ord3886
ord1944
ord3051
ord701
ord1646
ord5813
ord5997
ord5838
ord3445
ord3409
ord3196
ord5591
ord330
ord570
ord4870
ord5095
ord2200
ord5880
ord957
ord982
ord4361
ord956
ord1155
ord3907
ord447
ord650
ord4530
ord4516
ord3993
ord5369
ord1755
ord2177
ord6000
ord5092
ord6011
ord5103
ord5446
ord1432
ord4043
ord4267
ord2675
ord4972
ord1451
ord1507
ord1508
ord1814
ord4954
ord1234
ord4748
ord3152
ord5991
ord3610
ord5993
ord1377
ord2020
ord2026
ord2234
ord2216
ord2214
ord2237
ord2242
ord2223
ord2239
ord823
ord819
ord821
ord817
ord812
ord5714
ord1452
ord1097
ord4503
ord3208
ord4975
ord3966
ord5989
ord4854
ord1760
ord4933
ord4025
ord1272
ord3748
ord1469
ord1472
ord5666
ord1403
ord1522
ord1523
ord4671
ord4958
ord3062
ord3488
ord518
ord2201
ord4986
ord2799
ord1273
ord5669
ord422
ord642
ord703
ord3233
ord277
ord531
ord1989
ord1019
ord2628
ord1035
ord3439
ord3406
ord3413
ord2990
ord1645
ord1725
ord2474
ord5950
ord1008
ord2750
ord3400
ord3712
ord2232
ord2244
ord2221
ord2225
ord2227
ord2229
ord2219
ord5005
ord5007

msvcr70

_setmbcp
_except_handler3
memmove
strtok
_mbsinc
_ismbcspace
_mbsicmp
_mbsstr
_mbsrchr
_mbsupr
free
_strdup
__CxxFrameHandler
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
Beep
LockResource
WideCharToMultiByte
SizeofResource
LoadResource
FindResourceA
InterlockedExchange
MultiByteToWideChar
lstrlenA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP

user32

ClientToScreen
IsRectEmpty
IntersectRect
OffsetRect
EnableWindow
SetRectEmpty
SetWindowPos
GetWindowLongA
IsWindowEnabled
GetParent
GetForegroundWindow
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
RemoveMenu
LoadMenuA
ReleaseDC
GetDC
SendMessageA
SetMenuDefaultItem
LoadIconA
EnableMenuItem
IsWindowVisible
CheckMenuItem
SetForegroundWindow
IsWindow
PostMessageA
GetCursorPos
GetWindowRect
PtInRect
GetSubMenu
SetTimer
KillTimer

gdi32

GetDeviceCaps

shell32

Shell_NotifyIconA

oleaut32

RevokeActiveObject
RegisterActiveObject
VariantClear
SysAllocString

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WYCao
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d1d8f4e2d16533f06148b1083098f1f

Headers

File Characteristics

PDB Paths

Imports

adui16

mfc70

msvcr70

kernel32

user32

gdi32

shell32

oleaut32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 480B

.WYCao Size: 58KB - Virtual size: 58KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 480B

.WYCao
Size: 58KB - Virtual size: 58KB