12151b29466bbf7fa83757064eda9d2e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12151b29466bbf7fa83757064eda9d2e_JaffaCakes118
Size

168KB
MD5

12151b29466bbf7fa83757064eda9d2e
SHA1

00fc042a3f1f75cdad2f4cf24e7a3ec659bf5710
SHA256

ab438ae7fe6a4fe3a11e6a53b2050b932d2f53367386a65bf007357ffbaf464e
SHA512

8eff487f7ccf452aa9dd405e84fd97ecf1899e99f55310e02d21594af835ce5a0d88af8445f2a5980c48688b32fab7fd2280fdac211c4db64953d71cdf6e5e08
SSDEEP

3072:0mlWUtofnNPslJJQB8/E/N6pD5wHG+3NTEtjhvse14NocXr3hH:0m8FCUBQdp+m+3SRhvsekJzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12151b29466bbf7fa83757064eda9d2e_JaffaCakes118

Files

12151b29466bbf7fa83757064eda9d2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc5ced0af15faeaf34a052f880cc501f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Workplace\miktex-ktug\2.4\src\freetype\contrib\ttf2pk\WinRel\ttf2pk.pdb

Imports

miktex-freetype-3

TT_Get_Outline_BBox
TT_Load_PS_Names
TT_New_Instance
TT_Get_Face_Properties
TT_Set_Instance_Transform_Flags
TT_Get_Glyph_Outline
TT_Set_Instance_CharSize
TT_Load_GSUB_Table
TT_Char_Index
TT_GSUB_Select_Feature
TT_Open_Collection
TT_Get_CharMap
TT_Open_Face
TT_Get_PS_Name
TT_GSUB_Select_Script
TT_Set_Instance_Resolutions
TT_GSUB_Add_Feature
TT_GSUB_Apply_String
TT_Get_Glyph_Bitmap
TT_Translate_Outline
TT_Init_FreeType
TT_Load_Glyph
TT_Get_CharMap_ID
TT_New_Glyph
TT_Init_GSUB_Extension
TT_Get_Glyph_Big_Metrics
TT_Transform_Outline
TT_GSUB_Select_Language
TT_Close_Face
TT_Init_Post_Extension

miktex-core-2

?MiKTeXUninitialize@MiKTeX@@YG_NXZ
_miktex_find_enc_file@8
_miktex_find_ttf_file@8
_miktex_find_tfm_file@8
_miktex_get_miktex_version_string_ex@8
?MiKTeXInitialize@MiKTeX@@YG_NXZ
_miktex_exit@4
_miktex_find_app_input_file@12

miktex-texmf-2

?Finalize@CMiKTeXApp@MiKTeXMF@@UAGXXZ
??1CMiKTeXApp@MiKTeXMF@@UAE@XZ
??0CMiKTeXApp@MiKTeXMF@@QAE@XZ
?Init@CMiKTeXApp@MiKTeXMF@@UAGXXZ

msvcr71

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_CxxThrowException
?terminate@@YAXXZ
__dllonexit
_onexit
_controlfp
__getmainargs
_amsg_exit
__p___initenv
_cexit
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
floor
atoi
fputs
strncat
isdigit
rewind
exit
getc
fseek
ftell
fwrite
printf
perror
fclose
fopen
strtol
sprintf
realloc
fgetc
malloc
isspace
strncmp
sscanf
free
vfprintf
_iob
fprintf
putc
_strdup
__CxxFrameHandler
fflush

msvcp71

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?to_char_type@?$char_traits@G@std@@SAGABG@Z
?to_int_type@?$char_traits@G@std@@SAGABG@Z
?eq_int_type@?$char_traits@G@std@@SA_NABG0@Z
?eof@?$char_traits@G@std@@SAGXZ
?to_char_type@?$char_traits@D@std@@SADABH@Z
?to_int_type@?$char_traits@D@std@@SAHABD@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
??Bid@locale@std@@QAEIXZ
?_Incref@facet@locale@std@@QAEXXZ
??1locale@std@@QAE@XZ
?is@?$ctype@D@std@@QBE_NFD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?width@ios_base@std@@QAEHH@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?_Myptr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Register@facet@locale@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$ctype@G@std@@2V0locale@2@A

kernel32

GetModuleHandleA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�ɈC�
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc5ced0af15faeaf34a052f880cc501f

Headers

File Characteristics

PDB Paths

Imports

miktex-freetype-3

miktex-core-2

miktex-texmf-2

msvcr71

msvcp71

kernel32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 888B

�ɈC� Size: 84KB - Virtual size: 84KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 888B

�ɈC�
Size: 84KB - Virtual size: 84KB