2dfcfed175df4423453310f2dc00f88a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2dfcfed175df4423453310f2dc00f88a_JaffaCakes118
Size

32KB
MD5

2dfcfed175df4423453310f2dc00f88a
SHA1

1691289b3a0bb1c4f167b7541ff61f68adc0017d
SHA256

b4b7ef31a7e1d7e88a3ab0a433c26db3edb16091997c340aa18b1368b94939dd
SHA512

6970f6cf88b0af5cfdae2a5b85c00b0914e433f74b117dac25f58df98556e6e1d3e7de6f99786eee37d4cced24b9c5bcaa824bffe3a26a6cb4704a3fe3e6da5d
SSDEEP

384:nYpHRPfyoMGEdBE0e05xcqrWz7voSRBae7JAMqYJLWTHq:nYpFfyoMGEdBA0vcqrIke7eMjLV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dfcfed175df4423453310f2dc00f88a_JaffaCakes118

Files

2dfcfed175df4423453310f2dc00f88a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

607f2b0ccfa402baab7a89d49262336a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

rtl100.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@LoadResString$qqrp20System@TResStringRec
@System@RegisterModule$qqrp17System@TLibModule
@System@@LStrToPChar$qqrx17System@AnsiString
@System@@LStrAddRef$qqrpv
@System@@LStrCmp$qqrv
@System@@LStrCatN$qqrv
@System@@LStrCat3$qqrv
@System@@LStrCat$qqrv
@System@@LStrFromString$qqrr17System@AnsiStringrx28System@%SmallString$iuc$255%
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrLAsg$qqrpvpxv
@System@@LStrAsg$qqrpvpxv
@System@@LStrArrayClr$qqrpvi
@System@@LStrClr$qqrpv
@System@@Halt0$qqrv
@System@@StartExe$qqrp23System@PackageInfoTablep17System@TLibModule
@System@@DoneExcept$qqrv
@System@@HandleFinally$qqrv
@System@@HandleAnyException$qqrv
@System@TObject@Dispatch$qqrpv
@System@TObject@Free$qqrv
@System@TObject@$bctr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrp17System@TMetaClass
@System@@_CToPasStr$qqrp28System@%SmallString$iuc$255%pxc
@System@@FillChar$qqrpvic
@System@RmDir$qqrx17System@AnsiString
@System@ParamStr$qqri
@System@@_IOTest$qqrv
@Helpintfs@initialization$qqrv
@Helpintfs@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TComponent@UpdateRegistry$qqrp17System@TMetaClassox17System@AnsiStringt3
@Classes@TComponent@SafeCallException$qqrp14System@TObjectpv
@Classes@TComponent@WriteState$qqrp15Classes@TWriter
@Classes@TPersistent@Assign$qqrp19Classes@TPersistent
@Classes@TStringList@
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@StringReplace$qqrx17System@AnsiStringt1t149System@%Set$t21Sysutils@SysUtils__94$iuc$0$iuc$1%
@Sysutils@IncludeTrailingPathDelimiter$qqrx17System@AnsiString
@Sysutils@SysErrorMessage$qqri
@Sysutils@Format$qqrx17System@AnsiStringpx14System@TVarRecxi
@Sysutils@StrPas$qqrpxc
@Sysutils@ExtractFileDrive$qqrx17System@AnsiString
@Sysutils@ExtractFilePath$qqrx17System@AnsiString
@Sysutils@DeleteFile$qqrx17System@AnsiString
@Sysutils@FileExists$qqrx17System@AnsiString
@Sysutils@Trim$qqrx17System@AnsiString
@Sysutils@UpperCase$qqrx17System@AnsiString
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Multimon@initialization$qqrv
@Multimon@Finalization$qqrv
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Uxtheme@initialization$qqrv
@Uxtheme@Finalization$qqrv
@Dwmapi@initialization$qqrv
@Dwmapi@Finalization$qqrv
@Flatsb@initialization$qqrv
@Flatsb@Finalization$qqrv
@Mapi@initialization$qqrv
@Mapi@Finalization$qqrv

kernel32

GetModuleHandleA
WaitForSingleObject
SetFileAttributesA
GetLastError
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
CreateFileA
CopyFileA
CloseHandle
Sleep

user32

MessageBoxA

shell32

ShellExecuteExA
ShellExecuteA

vcl100.bpl

@Forms@initialization$qqrv
@Forms@Finalization$qqrv
@Forms@TApplicationHelper@SetMainFormOnTaskBar$qqrxo
@Forms@TApplication@GetExeName$qqrv
@Forms@TApplication@MessageBox$qqrpxct1i
@Forms@TApplication@CreateForm$qqrp17System@TMetaClasspv
@Forms@TApplication@Initialize$qqrv
@Forms@TApplication@ProcessMessages$qqrv
@Forms@TApplication@SetTitle$qqrx17System@AnsiString
@Forms@TCustomForm@QueryInterface$qqsrx5_GUIDpv
@Forms@TCustomForm@RequestAlign$qqrv
@Forms@TCustomForm@UpdateActions$qqrv
@Forms@TCustomForm@ShowModal$qqrv
@Forms@TCustomForm@SetFocus$qqrv
@Forms@TCustomForm@Show$qqrv
@Forms@TCustomForm@Hide$qqrv
@Forms@TCustomForm@CloseQuery$qqrv
@Forms@TCustomForm@Resizing$qqr18Forms@TWindowState
@Forms@TCustomForm@PaintWindow$qqrui
@Forms@TCustomForm@SetFocusedControl$qqrp20Controls@TWinControl
@Forms@TCustomForm@DefaultHandler$qqrpv
@Forms@TCustomForm@DestroyWindowHandle$qqrv
@Forms@TCustomForm@DestroyHandle$qqrv
@Forms@TCustomForm@CreateWindowHandle$qqrrx22Controls@TCreateParams
@Forms@TCustomForm@CreateWnd$qqrv
@Forms@TCustomForm@CreateParams$qqrr22Controls@TCreateParams
@Forms@TCustomForm@AlignControls$qqrp17Controls@TControlr11Types@TRect
@Forms@TCustomForm@WndProc$qqrr17Messages@TMessage
@Forms@TCustomForm@ValidateRename$qqrp18Classes@TComponentx17System@AnsiStringt2
@Forms@TCustomForm@SetParent$qqrp20Controls@TWinControl
@Forms@TCustomForm@WantChildKey$qqrp17Controls@TControlr17Messages@TMessage
@Forms@TCustomForm@SetParentBiDiMode$qqro
@Forms@TCustomForm@GetFloating$qqrv
@Forms@TCustomForm@GetClientRect$qqrv
@Forms@TCustomForm@DefineProperties$qqrp14Classes@TFiler
@Forms@TCustomForm@ReadState$qqrp15Classes@TReader
@Forms@TCustomForm@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Forms@TCustomForm@Loaded$qqrv
@Forms@TCustomForm@DoDestroy$qqrv
@Forms@TCustomForm@DoCreate$qqrv
@Forms@TCustomForm@$bdtr$qqrv
@Forms@TCustomForm@BeforeDestruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponenti
@Forms@TCustomForm@AfterConstruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponent
@Forms@TScrollingWinControl@AdjustClientRect$qqrr11Types@TRect
@Forms@TScrollingWinControl@AutoScrollInView$qqrp17Controls@TControl
@Forms@TScrollingWinControl@AutoScrollEnabled$qqrv
@Forms@Application
@$xp$11Forms@TForm
@Forms@TForm@
@Actnlist@initialization$qqrv
@Actnlist@Finalization$qqrv
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
@Themes@initialization$qqrv
@Themes@Finalization$qqrv
@Controls@initialization$qqrv
@Controls@Finalization$qqrv
@Controls@TWinControl@UpdateControlOriginalParentSize$qqrp17Controls@TControlr12Types@TPoint
@Controls@TWinControl@DockReplaceDockClient$qqrp17Controls@TControlp20Controls@TWinControlt115Controls@TAlignt1
@Controls@TWinControl@SetParentBackground$qqro
@Controls@TWinControl@CanAutoSize$qqrrit1
@Controls@TWinControl@AssignTo$qqrp19Classes@TPersistent
@Controls@TWinControl@ConstrainedResize$qqrrit1t1t1
@Controls@TWinControl@CanResize$qqrrit1
@Controls@TWinControl@GetClientOrigin$qqrv
@Controls@TWinControl@GetControlExtents$qqrv
@Controls@TWinControl@Repaint$qqrv
@Controls@TWinControl@Update$qqrv
@Controls@TWinControl@Invalidate$qqrv
@Controls@TWinControl@GetDeviceContext$qqrrui
@Controls@TWinControl@ShowControl$qqrp17Controls@TControl
@Controls@TWinControl@SetBounds$qqriiii
@Controls@TWinControl@CustomAlignPosition$qqrp17Controls@TControlrit2t2t2r11Types@TRectrx19Controls@TAlignInfo
@Controls@TWinControl@CustomAlignInsertBefore$qqrp17Controls@TControlt1
@Controls@TWinControl@CreateHandle$qqrv
@Controls@TWinControl@DestroyWnd$qqrv
@Controls@TControl@InitiateAction$qqrv
@Controls@TControl@GetFloatingDockSiteClass$qqrv
@Controls@TControl@SetBiDiMode$qqr17Classes@TBiDiMode
@Controls@TControl@SetEnabled$qqro
@Controls@TControl@SetName$qqrx17System@AnsiString
@Controls@TControl@SetAutoSize$qqro
@Controls@TControl@SetDragMode$qqr18Controls@TDragMode
@Controls@TControl@GetAction$qqrv
@Controls@TControl@GetEnabled$qqrv
@Controls@TControl@GetDragImages$qqrv
@Menus@initialization$qqrv
@Menus@Finalization$qqrv
@Dialogs@initialization$qqrv
@Dialogs@Finalization$qqrv
@Printers@initialization$qqrv
@Printers@Finalization$qqrv
@Extctrls@initialization$qqrv
@Extctrls@Finalization$qqrv
@Graphutil@initialization$qqrv
@Graphutil@Finalization$qqrv
@Clipbrd@initialization$qqrv
@Clipbrd@Finalization$qqrv
@Comctrls@initialization$qqrv
@Comctrls@Finalization$qqrv
@Comctrls@TProgressBar@SetPosition$qqri
@Comctrls@TProgressBar@SetMax$qqri
@Comctrls@TProgressBar@GetMax$qqrv
@Comctrls@TProgressBar@
@Extactns@initialization$qqrv
@Extactns@Finalization$qqrv
@Extdlgs@initialization$qqrv
@Extdlgs@Finalization$qqrv
@Buttons@initialization$qqrv
@Buttons@Finalization$qqrv

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

607f2b0ccfa402baab7a89d49262336a

Headers

File Characteristics

Imports

rtl100.bpl

kernel32

user32

shell32

vcl100.bpl

Sections

.text Size: 7KB - Virtual size: 6KB

.itext Size: 1024B - Virtual size: 640B

.data Size: 512B - Virtual size: 36B

.bss Size: - Virtual size: 24B

.idata Size: 11KB - Virtual size: 10KB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 7KB - Virtual size: 6KB

.itext
Size: 1024B - Virtual size: 640B

.data
Size: 512B - Virtual size: 36B

.bss
Size: - Virtual size: 24B

.idata
Size: 11KB - Virtual size: 10KB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB